Reference architecture for Azure Innovation Accelerator (IX)
Innovation thrives on speed and flexibility, and it requires a fast-track lane for quick collaboration. Microsoft enables fast innovation through Azure Innovation Accelerator (Azure IX), a unified transformation cloud framework that combines technology, culture, and processes within an easily deployable end-to-end solution. Azure IX creates a complete Azure cloud setup in weeks, freeing you to focus on generating business value. Whether companies are looking to quickly operationalize new workloads or transform traditional IT structures, Azure IX offers a framework that includes all the necessary elements and can adapt flexibly to requirements and changes.
With Azure IX, you can deploy a production-ready environment within weeks and make it operational from day one. In addition to the technical landing zone, which can be customized to specific customer requirements, Microsoft provides qualified DevOps developers for operation, offering a new service experience beyond standardized knowledge bases. Furthermore, your organization can, flexibly and without bureaucratic effort, make use of all consulting services from Azure IX as needed, to efficiently and swiftly elevate business value.
As a universal framework, Azure IX can essentially represent any workload that is operable in a cloud environment. Examples include:
- A minimum viable product (MVP) for using AI outside the company context that can be taken directly into production
- A multi-project environment to prevent shadow IT
- A neutral environment for collaboration between different companies
- An environment tailored to your specific needs
- A robust and secure environment for a short-term project
- Accelerated implementation of reference architectures for industries such as automotive and financial services.
Current challenges
In today’s business environment, companies need to source innovation internally and externally through partner ecosystems, startup communities, consortiums, and alliances. In addition, companies need to react quickly to changes, which isn't always possible due to various restrictions.
Key challenges to drive innovation and collaboration include:
- Missing collaboration platform among partners: One or more partners don’t want to take responsibility for a cloud collaboration environment.
- Short project sprint: A customer or partner collaboration needs to ramp up state-of-the-art cloud development without investing in a long-running project.
- IT department limitation: A customer or partner collaboration needs a cloud development platform, but the IT department doesn't have the capacity to support this fast innovation.
- No specialty cloud development environment: A project might require a custom dedicated cloud development environment with high security demands.
- Slow cloud deployment: A project needs full-blown cloud development environment with fast deployment, for example, within weeks.
- Missing skills: The skills required to use the latest technology aren't always on hand.
Benefits of Azure IX
Azure Innovation Accelerator (Azure IX) is a framework that enables and drives innovation in a sustainable manner. It includes all the relevant features required for the framework, including:
- Providing a flexible infrastructure through a fully managed solution, enabling partner collaboration and scaling seamlessly
- Providing upskilling for existing staff
- Providing skilled personnel for developing a use case
These features are available in a flexible contractual model enabling you to consume just the services, which you require in a specific project phase.
Because Azure IX serves as a transformation toolkit for an agile model to drive innovation within a defined governance model, it's best suited for joint ventures or collaborative development and engineering, with involvement of the different constituent groups.
- Turn-key solution: A purpose-built, ready-to-deploy cloud infrastructure platform defined using Azure blueprints within the Microsoft enterprise enrollment. This platform enables rapid and efficient rollout, providing a secure foundation for various business scenarios.
- Fully managed solution: Microsoft ensures that the infrastructure remains accessible and current without imposing resource constraints on the company.
- Security-as-a-Service: Microsoft offers a range of managed security modules that can be seamlessly integrated into the platform to meet the most stringent security requirements.
- Defined governance model: Granular governance models facilitate collaborative and joint control of the platform, ensuring the protection of assets and intellectual property.
- Flexible partner collaboration: The partner collaboration facilitates the seamless onboarding of users from diverse departments, organizations, or companies, enabling productive collaboration on a unified platform.
- Built-in change: You can make adjustments on the flexible platform and its managed components based on demand.
- Focus on generating value: By design, an agile working model helps minimize and facilitate administrative burdens for maintenance, change, and administration.
- Split billing: The costs incurred can be appropriated among partners based on the predetermined allocation.
Azure IX also helps you make solutions ready for use within weeks or quickly implement migration scenarios offerings. Therefore, you can rapidly and efficiently modernize your IT infrastructure and customize it to the specific needs of your industry. The solution enables customers to accelerate their innovation cycles, apply the best practices and expertise of Microsoft and its partners, and scale their solutions globally.
Azure IX solution elements
Azure IX offers you the freedom to use the technologies of your choice to efficiently generate business value. For example, you can opt for Azure DevOps in combination with GitHub or select a different technology suite such as the Atlassian developer stack if it aligns with your company standards. Our dedicated team can support and integrate specific industry solutions and custom developments to meet your organization's unique needs. Azure IX provides customers with an end-to-end solution based on an open cloud platform that helps them use the technologies necessary to efficiently generate business value without any restriction. In this regard, Azure IX supports various solutions as long as they don't negatively affect the integrity or security of the platform.
The following diagram shows the Azure IX technical architecture stack:
Azure IX is clustered within the platform infrastructure and the corresponding DevSecOps builds, and it runs a dynamic Azure-based cloud environment.
The platform infrastructure includes the mandatory Azure IX Solution Core with embedded processes based on agile principles for security and convenience.
Azure IX provides various packages for operations tailored to the customer use case. Besides the full Azure and Microsoft product stack, the DevSecOps team runs and maintains non-Microsoft tools and customer tools by arrangement. The team provides immediate support and resolution for development and operations within one team.
Azure IX contains three building blocks, as shown in the following diagram. The cloud environment is the technology stack of Azure IX containing the Azure Landing Zone and specific tools such as a self-service portal, or tools for automation or monitoring. The DevSecOps team (blue squad) manages the technology stack for daily activities towards supporting the customer, and running and maintaining the platform. The green squad provides the full consulting capabilities of Microsoft. The green squad contributes towards innovation by serving specific needs across sectors, such as supporting feature requests for environment, education, technology consulting, or providing more developer capacity. The entire concept of squads is based on agile principles
Depending on your requirements, you can use one of our preconfigured solution packages or we can tailor Azure IX based upon your specific needs.
For example, within the automotive industry, you can use Azure IX as a base platform to quickly advance all modern cloud services including software defined vehicle (SDV), mobility services and copilots, and scale service for autonomous vehicle development. One of Azure IX’s first successful use cases is in advancing autonomous driving development. Advanced driving assistance systems (ADAS) technology needs strong collaboration between various stakeholders in the development of new functions that require a highly flexible, secure environment built for change.
Enabling Microsoft technologies
Enabling technology | Description |
---|---|
Microsoft Azure | Microsoft Azure is a comprehensive cloud platform offering over 200 products and services. It supports hybrid environments, allowing seamless integration of on-premises, multicloud, and edge infrastructures. It emphasizes open source and provides flexibility with support for various languages and frameworks. |
Azure Monitor | Azure Monitor is a full-stack monitoring service that provides a complete set of features to monitor your Azure resources. You can also use Azure Monitor to monitor resources in other clouds and on-premises. Azure Monitor helps monitor critical applications and business processes for their availability, performance, and operation. |
Microsoft Sentinel | Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise. With Microsoft Sentinel, you get a single solution for attack detection, threat visibility, proactive hunting, and threat response. |
Microsoft 365 | Dynamics 365 is a set of intelligent business applications that helps you run your entire business and deliver greater results through predictive, AI-driven insights. Dynamics 365 applications are made to work together—and with your existing systems—for a comprehensive solution that connects your entire business. Therefore, you can connect with every customer. |
Microsoft Copilot Stack extensibility and Azure OpenAI Service (optional) | The Microsoft Copilot stack offers a robust AI infrastructure that enhances various aspects of industries such as mobility. It provides versatile base architecture that addresses a wide array of use cases and ensures maximum efficiency and adaptability. The stack includes multi-modal enterprise-grade generative AI models, which are part of the Azure OpenAI Service. The service lets you create custom AI applications and copilots, extending the capabilities of the Mobility Copilot across research and development, production, marketing and sales, and after-sales services. The Copilot stack can easily integrate into existing systems, and it offers swift deployment and unified data sourcing. |
Microsoft Dynamics 365 (optional) | Microsoft Dynamics 365 is a software-as-a-service (SaaS) offering, which provides several business applications for customer service, sales, marketing, project automation, customer insights, journey, and finance. Business applications are key enablers to the digital selling journey, as integrating them with the other technologies facilitates hyper-personalization in addition to cross-selling or upselling. In this architecture, Dynamics 365 primarily manages product catalogs and helps in customer service management. |
GitHub | GitHub is a development platform that provides you with the capability to host and review code, manage projects, and build software alongside developers inside and outside your organization. |
Azure DevOps | Azure DevOps supports a collaborative culture and a set of processes that brings together developers, project managers, and contributors to develop software. It allows organizations to create and improve products at a faster pace than they can with traditional software development approaches. |
Azure Kubernetes Service nodes | Azure Kubernetes Service (AKS) is a managed Kubernetes service that you can use to deploy and manage containerized applications. You need minimal container orchestration expertise to use AKS. |
Azure Container Apps | Azure Container Apps is a service for building and deploying modern applications and microservices using serverless containers. |
Azure Key Vault | Azure Key Vault is a cloud service for securely storing and accessing secrets. Key Vault service supports two types of containers: vaults and managed hardware security module (HSM) pools. |
Azure Monitor workbooks | Use Azure Monitor to collect, analyze, and action on telemetry data from Microsoft Azure and on-premises environments. |
Azure Log Analytics workspaces | An Azure Log Analytics workspace is a unique environment for log data from Azure Monitor and other Azure services. It's a logical storage unit in Azure where log data from various data sources, such as Azure Virtual Machines, are stored. |
Microsoft Cost Management + Billing, including predefined Power BI dashboards | Cost Management + Billing helps you understand your Azure invoice (bill), manage your billing account and subscriptions, monitor and control Azure spending and optimize resource use. |
Azure storage account | An Azure storage account contains all your Azure Storage data objects: blobs, files, queues, and tables. |
Azure Automation account | The Azure Automation account is a container in which all your Automation resources reside. It's the key to Azure Automation and one of the few things you need to set up. |
Azure Backup account | Azure Backup backs up the data, machine state, and workloads running on on-premises devices and Azure virtual machine (VM) instances. |
Azure DNS (public) | Azure DNS is a global service and stores all the Domain Name System (DNS) data in a single Azure Cosmos DB account. If this single account is deleted, you need all the existing DNS data to manually restore the data using disaster recovery procedures. |
Azure Firewall | Azure Firewall is a fully stateful centralized network firewall as-a-service, providing network and application-level protection across virtual networks. |
Microsoft Defender for Cloud | Microsoft Defender for Cloud is a cloud-native application protection platform (CNAPP) made up of security measures and practices that are designed to protect cloud-based applications from various cyber threats and vulnerabilities. |
Azure Bastion | Azure Bastion is a Platform-as-a-Service that lets you connect to virtual machines through private IP address over Transport Layer Security (TLS). |
Microsoft Entra ID | Microsoft Entra ID is a cloud-based identity and access management service that your employees can use to access external resources. Microsoft Entra ID also helps in integration of Customer Identity and Access Management solutions. |
Self-service portal/Stakeholder Dashboard | The Azure IX Self-service portal is a modern web application to help manage the users, create and approve changes, manage the sandboxes, and provide stakeholders with a comprehensive cost overview. A generative AI chatbot supports users in tasks on the Azure IX platform. |
Data Factory (Data-driven workflows) (optional) | Data processing needs to be automated and efficient in today’s times. Azure IX is built on Azure PaaS has a predefined module to implement a scalable data-driven workflow with a low-code approach. Azure IX customers can run their own business logic in days at a high scale if necessary. |
Azure OpenAI Foundation | One of the visions for Azure IX is to enable modern customer workloads in a short timeframe and to enhance them with new features. Azure OpenAI brings a new level of human machine integration for every software and service. With Azure OpenAI Foundation, Azure IX provides a foundation platform to develop and run Azure OpenAI in enterprise-ready grade. |