Architecture models and posters for Microsoft 365 Enterprise


These architecture models and posters provide recommended capabilities and architectures for adoption of enterprise cloud capabilities, starting with capabilities included in the Microsoft 365 Enterprise plans.

Many of these resources are large posters or other illustrations. These are provided in two formats — Visio and PDF. You can modify the Visio files for your own use.


Most of the posters on this page are available in multiple languages, including Chinese, English, French, German, Italian, Japanese, Korean, Portuguese, Russian, and Spanish. To download a poster in one of these languages, click the More languages link for that poster. Let us know what you think by sending us email at

Three tiers of protection for data, identities and devices

Microsoft provides many protection capabilities across our cloud services. We know it can be challenging to choose the right set of capabilities for your organization. These resources recommend the most common capabilities to help you secure your data, identities, and devices.

Capabilities are recommended in three tiers — baseline protection, sensitive protection, and protection for environments with highly regulated or classified data.

It’s important to use consistent levels of protection across your data, identities, and devices. For example, if you protect sensitive data at a higher level, be sure to protect the identities and devices that access this data at a comparable level. These resources show you which capabilities are comparable.

Identity and Device Protection for Office 365 and other SaaS Apps

Identity and Device Protection

PDF | Visio | More languages

File Protection Solutions in Office 365

File Protection Solutions

PDF | Visio

Information Protection for Office 365

Information Protection

PDF | Visio | More languages

Windows 10 and Office 365 ProPlus deployment and change management

Windows 10 and Office 365 ProPlus are optimized for the cloud and deliver value to enterprise organizations beyond any competing client. These resources show how to architect end-to-end solutions for deployment, protection, and change management of your modern desktop.

Deploy a Modern and Secure Desktop

Modern and secure desktop

PDF | Visio

Change Management for Office 365 Clients

Change Management

PDF | Visio | Article | More languages

Microsoft Cloud for enterprise architects series

Microsoft offers the broadest set of cloud offerings with the most potential for integration. These resources demonstrate common approaches for IT Architects, Solution Architects, and IT Decision Makers.

Microsoft Cloud Identity for Enterprise Architects

Identity integration is a core infrastructure component for cloud integration. This resource summarizes solutions that are recommended and tested for enterprise organizations.

Item Description
Cloud Identity This model contains:
  • Introduction to identity with Microsoft’s cloud
  • Azure AD IDaaS capabilities
  • Integrating on-premises Active Directory Domain Services accounts with Microsoft Azure Active Directory
  • Putting directory components in Azure
  • Domain services options for workloads in Azure IaaS

PDF | Visio | More languages

Microsoft Cloud Security for Enterprise Architects

Microsoft has developed leading-edge best practices in the design and management of online services. This resource shows how to take a systematic approach to security across all of your cloud solutions.

Item Description
Cloud Security This model contains:
  • Microsoft's role in providing secure services and platforms
  • Customer responsibilities to mitigate security risks
  • Top security certifications
  • Security offerings provided by Microsoft consulting services
Take Security in a Cloud-Enabled World, a Microsoft Virtual Academy course based on this architecture poster.

PDF | Visio | More languages

Microsoft Cloud Networking for Enterprise Architects

Cloud migration changes the volume and nature of traffic flows within and outside a corporate network. It also affects approaches to mitigating security risk. Learn about network infrastructure components affected by adoption of Office 365, Microsoft Intune, or Dynamics 365 and by deploying line-of-business applications in Azure PaaS and IaaS.

Item Description
Cloud Networking This model contains:
  • Evolving your network for cloud connectivity
  • Common elements of Microsoft cloud connectivity
  • ExpressRoute for Microsoft cloud connectivity
  • Designing networking for Microsoft SaaS (Office 365, Microsoft Intune, and Dynamics CRM Online)
  • Designing networking for Azure PaaS
  • Designing networking for Azure IaaS
Take Optimize Your Network for Microsoft Cloud Offerings, a new Microsoft Virtual Academy course based on this architecture poster.

PDF | Visio | Article | More languages

Microsoft Hybrid Cloud for Enterprise Architects

You can use hybrid cloud solutions as a path to migrate your business and IT needs to the cloud or to integrate cloud platforms and services with your existing on-premises infrastructure as part of your overall IT strategy. Learn about hybrid solutions for Office 365 workloads, PaaS workloads, and IaaS LOB solutions.

Item Description
Hybrid Cloud This model contains:
  • Hybrid cloud overview
  • Architecture of Microsoft hybrid cloud scenarios
  • Hybrid cloud scenarios for Microsoft SaaS (Office 365)
  • Hybrid cloud scenarios for Azure PaaS
  • Hybrid cloud scenarios for Azure IaaS

PDF | Visio | Article | More languages

Microsoft Mobility and Security for Enterprise Architects

Microsoft provides broad support for mobile workers. Learn how to protect your organization's data and applications while enabling collaboration and productivity.

Item Description
Mobility and Security This model contains:
  • Top mobile apps for business
  • Platform, services, and resources for developing mobile apps
  • Managing access to cloud-based applications and data from mobile devices
  • Comparison of capabilities and platform support for Office 365 MDM, Azure Active Directory Premium, and Intune

PDF | Visio | More languages

Microsoft Cloud Storage for Enterprise Architects

Storage is one of the first workloads organizations move to the cloud. Learn how the most common storage scenarios of enterprise organizations map across Microsoft’s cloud.

Item Description
Cloud Storage This model contains:
  • Reasons for using cloud storage and the key scenarios
  • Cloud storage options that are bundled with existing services
  • Storage options that you can use as a starting point for your storage solution
  • Storage building blocks to create your own storage solution or storage for your apps

PDF | Visio | More languages

Contoso in the Microsoft Cloud

See how a fictional but representative global organization has implemented Microsoft's cloud offerings, including Office 365, Azure, Dynamics 365, and Intune. Learn about Contoso’s existing on-premises IT infrastructure and the key design decisions it has made to address networking, identity, subscriptions and licenses, and security in its journey to the cloud.

Item Description
Contoso in the Cloud This model contains:
  • Overview of the Contoso Corporation
  • Contoso's IT infrastructure and needs
  • Cloud networking for Contoso
  • Cloud identity for Contoso
  • Contoso's subscriptions, licenses, and user accounts
  • Cloud security for Contoso
  • Enterprise cloud scenarios for Contoso

PDF | Visio | Article | More languages

Microsoft’s Enterprise Cloud Roadmap

See the posters, icon sets, community venues, and other resources that describe the industry's most complete cloud solution.

Item Description
Enterprise Cloud Roadmap
Microsoft's Enterprise Cloud Roadmap (
Swipe through this Sway experience for the resources that describe the industry's most complete cloud solution.