Architecture and infrastructure

Microsoft datacenters are designed to implement a strategy of Defense-In-Depth, employing multiple layers of safeguards to reliably protect our cloud architecture and supporting infrastructure. We build redundancy into our systems at multiple levels to support datacenter availability.

Availability

Microsoft datacenters comply with industry availability standards and are designed to run 24x7x365. To achieve this, Microsoft datacenters employ measures to protect operations from physical intrusion, network failures, and power outages.

Building and electrical management systems are proactively monitored to ensure service uptime in accordance with our service level agreements. Business continuity plans are documented and ensure critical services meet availability and recovery time objectives.

Data and network redundancy

Critical datacenter facilities employ multiple layers of redundant systems to sustain faults and minimize service disruptions. Locally redundant storage at the disk level protects data within a region, with geo-redundant storage providing intra-region redundancy. To ensure reliable network communications, Microsoft owns and utilizes diverse fiber routes and redundant hardware to protect critical components from failure or service disruption.

Capacity

The Cloud Operations dedicated capacity team forecasts future requirements to ensure necessary capacity is structured and available for customer and internal use. Systems are monitored to ensure acceptable service performance and availability, service utilization, storage utilization, network latency, and audit log capacity. Microsoft also protects datacenters against the effects of denial of service attacks on bandwidth, transactional capacity, and storage capacity.

All service teams include capacity planning as a key feature of their datacenter models and data replication plans to ensure that there is necessary capacity for information processing, telecommunications, and environmental support.

Power

Microsoft's datacenters have dedicated 24x7 uninterruptible power supplies (UPS) and emergency power support, which includes on-site generators that provide backup power. Regular maintenance and testing are conducted for both the UPS and generators, and operations teams have contractual agreements with local vendors for emergency fuel delivery. Datacenters also have a dedicated Facility Operations Center to monitor power systems, including critical electrical components.

Maintenance

System maintenance policy and procedures are in place in accordance with Microsoft's Online Services Physical and Environmental Security Standard. Microsoft datacenters rely on a computerized maintenance system to manage schedules and work orders. Work orders are generated based on OEM guidelines and are assigned for completion. Maintenance steps following approved instructions are captured in a Method of Procedure document. Datacenter management provides approval before work can begin and signs off on finished work to indicate completion. Maintenance records are retained in the automated system.