Recently, our customers with hybrid cloud environments have wanted to move their final on-prem servers to the cloud or replace them with SaaS applications. For example, file servers can be moved to SharePoint. Until now, legacy two- and three-tier applications, written on platforms developed in the 1980s and 1990s, remained on-premises. They have an application server, possibly a separate database server, and endpoint (client) software. These “client-server” applications were complex to upgrade, and their migration was often postponed during the initial “move to the cloud.” But now there is increased demand. Why is that? Various factors are at play, including versions of Windows Server and SQL Server going out of support or a delay in the publisher's release of a SaaS version of their app. Additionally, many teams are staying partially or fully remote, making it impractical to maintain on-premises infrastructure. As customers grow comfortable with SaaS and implement related security controls, they are now exploring how best to move these final vestiges of their on-prem environment to the cloud.
Specific Scenarios: Multi-User Applications
These applications often function like legacy 2-tier or 3-tier applications: server services run the application and database software, and client software on endpoints connects to the server. Examples include QuickBooks Enterprise and custom Microsoft Access applications, which are often critical for daily operations.
Considerations for Migration
- Login Handling: These applications typically have application-level security and are not integrated with Windows Server. We must consider how users log in and access both their applications and the Microsoft suite in the cloud.
- Connection Security: Connections that were previously confined to the secure on-prem network now need transport from endpoints to the cloud. Consider whether a VPN is necessary for secure connections.
- Data Security: Ensure data is encrypted at rest and in transit and meets compliance requirements like HIPAA, CMMC, or GDPR.
- Endpoint Security: Secure the endpoint accessing the cloud-hosted app with appropriate defense software, firewalls, and patch strategies. Implement MFA and role-based access controls (RBAC).
- Compliance: Ensure all security measures meet compliance requirements.
- Shared Responsibility: Understand the shared responsibility model in the cloud.
- Securing the Azure cloud: Use tools like Microsoft Defender for Cloud for security management and threat protection.
- Vendor Compliance: Some software publishers require certified hosting providers. Ensure vendor support is available for your chosen hosting environment.
- Licensing: Most software publishers are moving to subscription models. Ensure you have the necessary server and per-user licenses.
- Performance and Resource Allocation: Consider network latency, bandwidth, and dynamic resource provisioning to avoid performance bottlenecks.
- Hosting Options: Evaluate virtual desktops, Azure Virtual Desktop, and remote desktop services with VMs in the cloud. If necessary, consider third-party hosting.
- Hybrid Solutions: Plan for Azure AD integration and connection points between on-prem and cloud infrastructure.
Common Issues in Migration
- Network Latency: Ensure sufficient bandwidth to avoid latency issues.
- Licensing Compliance: Ensure correct licensing, especially for remote desktop services.
- Security: Implement firewalls, MFA, and regular updates. Use monitoring and logging tools to detect unusual behavior.
Resource Allocation
Avoid under-provisioning resources to prevent performance issues. It’s often better to start with higher resources and scale down as needed.
Cost Considerations
Consider subscription costs for servers, software, and security services. Include support and maintenance costs, whether internal or external, and consumption costs based on actual usage.
Next Steps
Moving multiuser desktop applications to the cloud is a significant decision that requires careful planning and execution. Here are some next steps:
- Consult with Experts: Work with an experienced architect to design and deploy your cloud solution. For example, TechHouse can provide expert guidance and support throughout the migration process, ensuring a smooth transition.
- Evaluate Options: Assess different hosting options and choose the one that best fits your needs. For instance, compare the benefits of using Azure Virtual Desktop versus a third-party hosting provider certified by your software vendor.
- Plan for Security: Implement robust security measures to protect your data and applications. For example, use Microsoft Defender for Cloud to continuously assess your security posture and receive actionable recommendations.
- Monitor Performance: Regularly monitor and adjust resources to ensure optimal performance. For instance, use Azure Monitor to track the performance of your cloud-hosted applications and make necessary adjustments to resource allocations.