Microsoft cloud IT architecture resources

Summary: Learn core cloud architecture concepts for Microsoft identity, security, networking, and hybrid. Review prescriptive recommendations for protecting files, identities, and devices when using Microsoft's cloud. Learn how to deploy a modern and secure desktop with Windows 10 and Office ProPlus.

These architecture tools and posters give you information about Microsoft cloud services, including Office 365, Windows 10, Azure Active Directory, Microsoft Intune, Microsoft Dynamics 365, and hybrid on-premises and cloud solutions. IT decision makers and architects can use these resources to determine the ideal solutions for their workloads and to make decisions about core infrastructure components such as identity and security.

Let us know what you think! Send us email at cloudadopt@microsoft.com.

Microsoft cloud for enterprise architects series

These cloud architecture posters give you information about Microsoft cloud services, including Office 365, Azure Active Directory, Microsoft Intune, Microsoft Dynamics CRM Online, and hybrid on-premises and cloud solutions. IT decision makers and architects can use these resources to determine the ideal solutions for their workloads and to make decisions about core infrastructure components such as identity and security.

Microsoft cloud identity for enterprise architects

What IT architects need to know about designing identity for organizations using Microsoft cloud services and platforms.

Item Description
Thumb image for Microsoft cloud identity model
PDF | Visio | More languages
This model contains:
  • Introduction to identity with Microsoft’s cloud
  • Azure AD IDaaS capabilities
  • Integrating on-premises Active Directory Domain Services accounts with Microsoft Azure Active Directory
  • Putting directory components in Azure
  • Domain services options for workloads in Azure IaaS

Microsoft cloud security for enterprise architects

What IT architects need to know about security in Microsoft cloud services and platforms.

Item Description
Thumb image for Microsoft cloud security model
PDF | Visio | More languages
This model contains:
  • Microsoft's role in providing secure services and platforms
  • Customer responsibilities to mitigate security risks
  • Top security certifications
  • Security offerings provided by Microsoft consulting services

Microsoft cloud networking for enterprise architects

What IT architects need to know about networking for Microsoft cloud services and platforms.

Item Description
Thumb image for Microsoft cloud networking model
PDF | Visio | Article
More languages
This model contains the following pages:
  • Evolving your network for cloud connectivity Cloud migration changes the volume and nature of traffic flows within and outside a corporate network. It also affects approaches to mitigating security risk.
  • Common elements of Microsoft cloud connectivity Integrating your networking with the Microsoft cloud provides optimal access to a broad range of services.
  • ExpressRoute for Microsoft cloud connectivity ExpressRoute provides a private, dedicated, high-throughput network connection to Microsoft's cloud.
  • Designing networking for Microsoft SaaS (Office 365, Microsoft Intune, and Dynamics CRM Online) Optimizing your network for Microsoft SaaS services requires careful analysis of your Internet edge, your client devices, and typical IT operations.
  • Designing networking for Azure PaaS Optimizing networking for Azure PaaS apps requires adequate Internet bandwidth and can require the distribution of network traffic across multiple sites or apps.
  • Designing networking for Azure IaaS Step through the design process to create an optimal Azure virtual network (VNet) for hosting server-based IT workloads, including subnets, address spaces, routing, DNS, load balancing, and connectivity to your on-premises network, other VNets, and the Internet.

Take Optimize Your Network for Microsoft Cloud Offerings, a new Microsoft Virtual Academy course based on this architecture poster.

Microsoft hybrid cloud for enterprise architects

What IT architects need to know about hybrid cloud for Microsoft services and platforms.

Item Description
Thumb image for the Microsoft hybrid cloud model
PDF | Visio | Article
More languages
This model contains the following pages:
  • Hybrid cloud overview Microsoft's cloud offerings (SaaS, Azure PaaS, and Azure IaaS) and their common elements.
  • Architecture of Microsoft hybrid cloud scenarios An architectural diagram of hybrid cloud for Microsoft's cloud offerings, showing the common layers of on-premises infrastructure, networking, and identity.
  • Hybrid cloud scenarios for Microsoft SaaS (Office 365) The SaaS hybrid scenario architecture and descriptions of key hybrid configurations for Skype for Business, SharePoint Server, and Exchange Server.
  • Hybrid cloud scenarios for Azure PaaS The Azure PaaS hybrid scenario architecture, the description of an Azure PaaS hybrid application with an example, and the description of SQL Server 2016 Stretch Database.
  • Hybrid cloud scenarios for Azure IaaS The Azure IaaS hybrid scenario architecture and the description of a line of business (LOB) application hosted in Azure IaaS.

Common attacks and Microsoft capabilities that protect your organization

Learn about the most common cyber attacks and how Microsoft can help your organization at every stage of an attack.

Item Description
Thumb image of the Common attacks poster.
PDF | Visio
This poster illustrates the path of common attacks and describes which capabilities help stop attackers at each stage of an attack.

Microsoft 365 enterprise solution series

The Microsoft 365 enterprise solution series provides guidance for implementing Microsoft 365 capabilities, especially where capabilities cross technologies.

Identity and device protection for Office 365

Recommended capabilities for protecting identities and devices that access Office 365, other SaaS services, and on-premises applications published with Azure AD Application Proxy.

Item Description
Model poster: Identity and device protection for Office 365 and other SaaS applications
PDF | Visio | More languages
It's important to use consistent levels of protection across your data, identities, and devices. This document shows you which capabilities are comparable with more information on capabilities to protect identities and devices.

File protection solutions in Office 365

Recommended capabilities for protecting files in Office 365 based on three different sensitivity levels.

Item Description
Thumbnail for File Protection Solutions in Office 365 mini poster set
PDF | Visio
It's important to use consistent levels of protection across your data, identities, and devices. This document shows you which capabilities are comparable with more information on capabilities to protect files in Office 365.

Office 365 Information Protection for GDPR

Prescriptive recommendations for discovering, classifying, protecting, and monitoring personal data. This solution uses General Data Protection Regulation (GDPR) as an example, but you can apply the same process to achieve compliance with many other regulations.

Item Description
Thumbnail for Office 365 Information Protection for GDPR
PDF | Visio
To see this content in article format, see Office 365 Information Protection for GDPR.

Microsoft Security Guidance for Political Campaigns, Nonprofits, and Other Agile Organizations

This guidance describes how to implement a secure cloud environment. The solution guidance can be used by any organization. It includes extra help for agile organizations with BYOD access and guest accounts. You can use this guidance as a starting-point for designing your own environment.

Item Description
Microsoft Security Guidance for Political Campaigns
Thumb nail for mini poster set.
PDF | Visio
This guidance uses a political campaign organization as an example. Use this guidance as a starting point for any environment.
Microsoft Security Guidance for Nonprofits
Thumnail image for downloadable file
PDF | Visio
This guide is slightly revised for nonprofit organizations. For example, it references Office 365 Nonprofit plans. The technical guidance is the same as the political campaign solution guide.

This guidance includes Test Lab Guides. For more information, see Microsoft Security Guidance for Political Campaigns, Nonprofits, and Other Agile Organizations.

Microsoft Telephony Solutions

Microsoft supports several options as you begin your journey to Teams in the Microsoft cloud. This poster helps you decide which Microsoft telephony solution (Phone System in the cloud or Enterprise Voice on-premises) is right for users in your organization, and how your organization can connect to the Public Switched Telephone Network (PSTN).

Thumbnail for Microsoft Telephony Solutions poster
PDF | Visio

For more information, see the article for this poster: Microsoft Telephony Solutions.

Deploy a modern and secure desktop with Microsoft

What IT architects need to know about deploying and managing updates for Office 365 ProPlus on Windows 10.

Item Description
Thumbnail for the Deploy a modern and secure desktop with Microsoft model
PDF | Visio
This model contains:
  • Deploying Windows 10 and Office ProPlus from the Microsoft cloud
  • Deploying Windows 10 and Office ProPlus with System Center Configuration Manager
  • Managing updates for Windows 10 and Office ProPlus from the Microsoft cloud
  • Managing updates for Windows 10 and Office ProPlus with System Center Configuration Manager
  • Out-of-the-box and additional protection capabilities of Windows 10

See Also

Architectural models for SharePoint, Exchange, Skype for Business, and Lync

Cloud adoption Test Lab Guides (TLGs)

Security solutions

Hybrid solutions