Is your enterprise considering moving to cloud-based Infrastructure as a Service? Amazon and Azure are the two primary players, but which one is right for the needs of your business?
It's been 10 years since the introduction of Amazon Web Services (AWS). In that time a lot has changed about AWS and about the competitive landscape around it. One of those competitors, Microsoft Azure, has been operating since 2010. That's not as long as AWS of course, but six years is still quite a while, and Microsoft has a history of making significant improvements to any product it really puts it's mind to and starts iterating on.
Both services have had enough time to create flexible, stable, and profitable products. At a high level, you will be comparing AWS, a known stable and reliable choice with a wide array of compelling offerings, against Microsoft Azure, a cloud offering by the authors of many of the closed source tools you are probably already using Visual Studio, SQL Server, and indeed Windows itself. With those two choices in mind, you can bet the decision won't be easy. [Interested in PaaS cloud computing services? Check out our top picks.]
Amazon groups its Infrastructure as a Service offerings into the four categories of Compute, Storage and Content Delivery, Database, and Networking. All of those resources are used subject to Amazon's security and identity services, which include Amazon hosted Active Directory, AWS Identity Management, AWS Certificate manager for managing SSL/TLS certificates, and even hardware-based key storage and management through AWS CloudHSM. You can monitor your infrastructure resource usage through management tools like Amazon CloudWatch, AWS Cloudtrail for tracking user activity and API usage, and AWS Config for tracking resource inventory and changes.
Azure is going to be able to cover all of those broad categories, which it will call Compute, Data Management (which includes database) and Performance, and Networking. It will secure these services using a combination Azure Active Directory, Active Directory Federation Services, Multi-Factor Auth, and a sophisticated Role Based Access control model that it uses to extend a modern security architecture into the cloud where Group Policy doesn't always make sense. Azure also has a number of services and integrations for in-depth monitoring and alerting on infrastructure performance metrics and logs.
For some customers, the simplicity of licensing is a big part of the attraction of moving to the cloud. You are automatically charged for licenses you use based on usage. On the other hand, big companies probably already have lots of expensive licenses for the application servers they want to run on Windows like SQL Server or BizTalk and others. You'll be glad to know that moving to the cloud isn't automatically going to mean that those are wasted investments.
Microsoft offer license mobility for qualifying application servers, so it's important to find out ahead of time if your application is going be eligible for license mobility, and to keep in mind that Windows Server itself is not. Consider for instance running an on-premises Windows Server with SQL Server. If you spin up a VM in the cloud running the same stack, you will be paying for two Windows Server licenses since that license is charged by usage and it is not eligible for mobility. The SQL Server license, however, is eligible, and you can use the license you already paid for to run your SQL Server instance in the cloud.
The Hybrid Cloud
If you have the luxury of developing new apps, or even an entirely new startup from scratch, you probably don't have to worry about a bunch of legacy infrastructure and users that you have to accommodate during your transition to the cloud. You can just do everything in the cloud from the start, and that's really great.
For most enterprises, though, the move to the cloud is a transition, and many of them simply have no plans to run everything entirely in the cloud. There are lots of reasons why that might be, but for them, their cloud journey is likely to end with some things running in the cloud, but others still running on servers in their own data centers fully under their own control.
Microsoft has seen this pattern and responded with strong support for hybrid cloud configurations. With a hybrid cloud you can run cloud applications and deploy infrastructure assets and applications using a cloud model, but you can choose to use your on-premises compute resources when appropriate and use the cloud when needed. Crucially, a hybrid cloud allows you to transition between the two seamlessly.
With platforms like Azure StorSimple, Hybrid SQL Server, Azure Stack and others, Microsoft clearly has the advantage in the Hybrid Cloud space. Amazon knows they need to make headway here (Fortune quotes Amazon CIO acknowledging work to be done), but they're still playing catch up. Amazon does offer a few hybrid solutions like Storage Gateway, DynamoDB Local, and OpsWorks, but for now, the Microsoft has the upper hand.
Government in the Cloud
Private companies aren't the only ones looking to save money. If you are an IT leader in government thinking about moving to the cloud, you should know that despite the heavy regulatory environment you operate in, it can be done. Both Amazon and Microsoft have dedicated Government areas of their respective clouds, cordoned off from the rest of their workloads, to ensure that your strict compliance needs can be met.
Both government clouds tout their compliance with ITAR, DISA, HIPAA, CJIS, FIPS, etc., etc., and both are physically accessible only by screened U.S. persons. You can find case studies of their usage here for Amazon and here for Azure.
Right now Amazon's Gov cloud offering may have a slight edge just because it's been operating longer and has more government clients that know how to deal with them. In this business, people that know how to shuffle the proper paperwork to get a request approved is no small matter, and Amazon has that relationship with more agencies than Azure right now.
That being said, Azure does have the proper certifications, and some agencies have made the jump with them, so it can definitely be done. So if you find the rest of Azure's offerings compelling, by all means, go for it.
Microsoft has always had a focus on Enterprise customers, and as the people who write Windows and most of the other platforms these clients are using, it makes sense that their Azure integration story is good.
Microsoft is also ensuring that Visual Studio and TFS integration are excellent and that Active Directory integrates well. You can use the same Active Directory accounts you have now to sign in to the Azure cloud offerings like Office 365 or your Azure SQL instances, seamlessly.
For Microsoft shops, the cloud offered by the vendor of your platforms of choice, and the integrations it offers, can be a compelling argument.
For Open Source shops, until recently the thought of using Azure as your cloud vendor was either impossible or at least a little odd. Microsoft hasn't always had a great, or even a good, relationship with the open source community, but recently you might have noticed that relationship is changing.
That bad relationship allowed Amazon AWS to open up a significant lead over Azure in the Open Source cloud hosting space. AWS has been Linux-friendly from the start and didn't come from a history that was suspicious of open source. So if you're an open source user, you're probably going to be pretty comfortable with AWS and with all of the open source tools integrations it offers.
PowerShell and .NET Core are open sourced and taking pull requests on GitHub. SQL Server runs on Linux and Hyper-V will be running Docker. The trend continues in Azure where you can now run Red Hat Enterprise Linux and Apache Hadoop clusters. Azure and Microsoft, in general, are really trying to embrace open source in one of the biggest strategy shifts we've seen out of Redmond in a long time.
Amazon probably still has the upper hand here since it's history with open source is long, and because Azure really does work so much more seamlessly if you are using Microsoft development tools than without them. But if you want to run open source in the cloud, don't dismiss Azure without taking a look first to see if it will suit your needs because that gap is closing fast, and soon may be too close to call.
Any cloud platform vendor is going to argue that you can save money moving to the cloud. Unfortunately, making meaningful predictions of the actual cost of any actual workload can be fiendishly complex, and some of the considerations have as much to do with user behavior (shutting down VMs when not in use) as the actual workloads you want to run. Trying to make cost generalizations to help you estimate costs would probably be meaningless at best. Both Amazon and Azure have come up with provided cost calculators, which you can find at the links above.
Feature for Feature
Direct side-by-side comparisons aren't always possible between two service providers like Azure and Amazon, but some of them are close enough. The table below is an attempt at making those comparisons. This list of services is far from complete.
Try It Out
In the end, it's tough to make a significant decision like picking a cloud infrastructure vendor without actually trying them out. Amazon and Azure both offer a free tier of service, so you do just that. Keep in mind that if you are a Microsoft shop that pays for developer MSDN subscriptions, then your developers all get a small amount of Azure credit to try out Azure's services. These credits are perfect for setting up small test environments, and for trying some of these services out in a way that won't your on-premises IT people angry with lots of rogue servers on the network.
So go out and give these two clouds a try and see which suits your needs the best.