...
Remote Desktop Services can be configured to deliver a HTML5 web client of the published applications. This may be desired over the RemoteApp solution.
Secure the Remote Desktop Server
When the VM for Remote Desktop Services was provisioned, port 3389 was open and used and we used the RDP protocol to connect to it to perform the installation and configuration tasks.
Now that the Remote Desktop Gateway is configured, we only need to leave port 443 open (HTTPS) and port 80 (HTTP). The RemoteApp, Webclient and HTML5 client all require port 443 (HTTPS), and we also need port 80 open for the regular 3 monthly certificate renewal automatically performed by the win-acme client.
App Registration for Email through Office 365 (Microsoft Graph API)
Emailing from within Jiwa is a common requirement, and if the customer has Office 365 then you should use our Microsoft Graph API plugin for email transport - and this requires an App registration in the Azure Active Directory.
See the article Email - Configuration Microsoft Graph REST API for guidance on how to set this up.
Point to Site VPN
MS Azure Data Backups
Add on extra $$ a month to backup the VM if deemed necessary – we generally don’t as it’s just Windows Server 2019 and Jiwa – nothing that can’t rapidly be rebuiltIf users wish to access resources - such as the SQL database or RDS VM - from their local environment (perhaps for Excel queries or BI tooling), you will need to configure a point to site VPN connection in Azure, as resources should only be accessible from within the same Virtual Network.
Exposing the resources outside the virtual network via whitelisting of IP addresses in the Firewall rules is not recommended.
Backups and Data Security
Virtual Machine
The Azure Backup service can be used to automatically backup virtual machines if desired. The Jiwa application stores only ephemeral data on the VM, so if the VM is destroyed no data is lost - the database contains all the data.
However, it can save time to be able to restore a VM to a previous known working state if it is destroyed - see the official Microsoft documentation on how to configure virtual machine backups if desired.
Also, availability sets can be configured to provide a redundant failover if the VM is destroyed. See the Azure documentation on Availability options for Azure Virtual Machines.
Database
Azure SQL servers never need to be backed up, as this is already done for you. You may wish, however to opt-in to geo-redundant storage to replicate a copy of the database(s) to another Azure datacenter in case of natural disaster or other catastrophe.
By default, the Azure SQL servers are replicated in real-time to 3 different failover nodes in different fault zones in the datacenter, and should one of those machines, or one of the components, fail - then the requests are automatically redirected to one of the failover machines and a new machine provisioned automatically to replace the failed machine.
You may wish to extend the data retention period for the point-in-time backups beyond the standard 7 to 35 days.
MS Azure Calculator
If you haven’t already, you can use the Azure pricing calculator to see the pricing options - https://azure.microsoft.com/en-au/pricing/calculator
Of particular interest might be the discounts offered for paying up-front for VM’s for 1 or 3 years (41% discount for 1 year, 62% discount for 3 years).What you would need to do to allow us to help you (permissions, et al)
| Info |
|---|
Related articles
| Filter by label (Content by label) | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...