Deploying Windows Applications Correctly and Securely on AWS

April 3, 2019

Migrating Microsoft Windows applications to the cloud is often a frustrating and expensive process. The failure and rollback rates for these projects are far higher than most people realize. There are various factors that make Windows application migrations particularly error prone: key hosting platform differences, legacy application architecture, antiquated security infrastructure, and a lack of automation-centric operations experience. Many Windows applications were written before the cloud era and make flawed assumptions about the stability and durability of the underlying infrastructure. These design assumptions are almost invariably inconsistent with best current practices around cloud-native architecture and infrastructure operations.

The AWS Workload Migration Challenge

Microsoft Windows IaaS workloads tend to be the most incorrectly deployed and operated cloud computing workloads. Historically, Windows ecosystem users did not have heavy scripting and automation backgrounds—most deployments are one-offs, with no clear record of the system state or changes made over time. And most of the time, these deployments tend to be very long running, with patches and manual maintenance rather than frequent refreshes via redeployment. These operational practices are completely at odds with the core principles of cloud architecture and operation, and often lead to the type of catastrophic security issues that have plagued the Windows ecosystem in years past. 

Correctly migrating yesterday’s app to today’s cloud platform is rarely as simple as “lift and shift and tinker” VM conversion—despite what those with a financial motive may publicize, this is almost always the wrong thing to do. When migrating Microsoft workloads into the cloud, companies need to make sure those workloads maintain functionality, consistency, and security. The vast majority—perhaps as many as 90%—of these workload migrations are done incorrectly or, at a minimum, in a non-repeatable fashion that creates and perpetuates technical debt. One-off manual redeployments, “lift and shift” VM conversions, overprovisioned cloud resources, and a lack of per-application security are among the most common problems that Cascadeo encounters in client cloud migration initiatives. It is almost never the case that importing yesterday’s virtual machines is the right way to move Windows applications to the cloud.

The challenge becomes migrating without duplicating these legacy issues in the cloud. How do we quickly and painlessly deploy Microsoft workloads to Amazon Web Services (AWS) in a repeatable, consistent, reliable, and highly functional way? This challenge is particularly problematic with legacy Windows applications, many of which assume a shared file system mounted read/write to each application server. This legacy architecture is problematic for a number of reasons, the least of which are the scalability, security, cost, and blast radius concerns associated with any sort of networked file system.

Cascadeo’s Solution: NetApp Cloud Volumes Service

Enter NetApp® Cloud Volumes Service for AWS - a consumption-oriented cloud service available through AWS Marketplace. NetApp Cloud Volumes Service for AWS is a fully managed cloud service that enables you to move your workloads and applications to the cloud and manage them with ease. Cloud Volumes Service removes obstacles so that you can move more of your file-based applications to the cloud. It provides a solution to the problem of shared storage for Windows Server for AWS without all the overhead and administration involved with an in-house solution.

CloudFormation, Lambda & NetApp

Cascadeo automated the deployment of Cloud Volumes Service as part of a larger CloudFormation-driven solution framework. Automations, not human-driven mouse clicks, are used to create a volume and connect it to a hardened, well-architected Windows workload on AWS. The storage volumes are delivered as a cloud service by NetApp to your Windows compute instances, just as easily as any other Windows file share. NetApp Cloud Volumes Service for AWS comes as a consumption-oriented SaaS/PaaS service instead of a retail product you would buy and deploy into your own data center. With Cloud Volumes Service, you’ll experience the same tools and security as on-prem, delivered as a professionally managed service by NetApp. NetApp Cloud Volumes Service for AWS is based on the award-winning Data ONTAP platform that IT administrators around the world have come to know and love. The key features that made Data ONTAP the industry leading platform are integrated into Cloud Volumes Service.

Managed Cloud Operations for Windows

[Figure: Managed Cloud Operations for Windows + Cloud Volumes Service Workloads on AWS]

With NetApp operationally responsible for durable, high-performance cloud file storage, Cascadeo steps in to support 24x7 managed operations for the infrastructure and application workload via the platform for cloud managed services. Unlike other managed services providers, Cascadeo doesn’t replace your tools, infrastructure, or monitoring framework. Instead, the approach is to stream operational data into Cascadeo’s SaaS Analytics backend and provide support built on whatever tools clients already have. For those lacking modern IT telemetry infrastructure, Cascadeo deploys tools automatically via Terraform-driven automation. This reduces the time to full MSP operations from weeks to minutes, and reduces the client’s deployment expense to a tiny fraction of what a professional services engagement would require. Cascadeo can literally deploy a complete, production-ready Windows + NetApp implementation on AWS with live managed services support the same day a client requests it; other AWS Premier Consulting partners often take 60-90 days to deploy and operationalize a similar solution. It is because of Cascadeo’s extensive experience in infrastructure automation, extreme-scale time-series data analysis, and numerous past cloud architecture engagements that the company was able to develop the platform.


Cascadeo Is a Client-First MSP and Professional Services Partner to NetApp

Cascadeo is an AWS Premier Consulting Partner and Managed Services Provider based in Seattle, WA, USA with a secondary headquarters in metro Manila, Philippines. The 13-year-old company has worked with well over a hundred enterprise clients across the United States, Europe, and APAC regions to successfully design and deploy solutions to public cloud environments. As a cloud-first partner to NetApp, Cascadeo recommends and implements solutions from a variety of vendors, but is not a VAR or reseller, and focuses exclusively on finding the right products for a given customer engagement. Put differently, Cascadeo is less concerned with selling products and more concerned with solving clients’ problems correctly and efficiently, setting them up for long-term success rather than focusing on near-term revenue or platform adoption.

Together, NetApp and Cascadeo keep your files and Windows applications connected, accessible, monitored, and competently operated in the cloud.

To learn more about how NetApp and Cascadeo migrate workloads into AWS, check out the following demonstration.


About NetApp Cloud Volumes Service

Cloud Volumes Service simplifies data migration from on-prem without reaching your applications, including support for NFS3 and SMB protocols. You get fast file-storage performance with a choice of three (3) performance levels: standard, premium, and extreme with the ability to change performance on-the-fly as your applications demand it. It provides rich features such as Snapshots, clones, and backup capabilities that help you better manage your applications. If you’re ready to use a solution for shared storage for Windows Server in AWS, sign up for Cloud Volumes Service for AWS.

About Cascadeo

Cascadeo is a cloud DevOps engineering firm focused on taking care of your cloud deployments so you can focus on building your products and services. We work with you at every stage of your initiative, from the definition of your cloud strategy to the design, build, CI/CD automation, and management of your cloud deployment. We understand how to build toward operability and align with your business model, objectives, and roadmap to ensure your success at every stage of your growth.

David Boland, NetApp | Jared Reimer, Cascadeo
