Select Page

Azure Landing Zones

Plan, build, and manage your Azure Landing Zones with the support and expertise of Netrix’s certified Microsoft engineers.

Get started with your Azure Landing Zone deployment. 

What are Azure Landing Zones?

Azure Landing Zones are a set of policies and hierarchical resources that allow for grouping within Azure as well as centralized management and monitoring. Landing Zones are based on two of Microsoft’s best practices known as the Cloud Adoption Framework and the Well-Architected Framework. The policies that get implemented have many purposes, including providing security baselines, cost control measures, and best-practice configurations.

By leveraging Landing Zones, you can deploy Azure with confidence, ensuring:

A strong foundation for Azure using only the resources you need, preventing surprise monthly bills

Your resources are configured securely based on proper governance and policies

Users can deploy in Azure with minimal friction thanks to role-based access control for business units while retaining centralized visibility for IT

Solution Overview

STEP 1

Plan & Envision

During the initial planning and envisioning period, we’ll work with your team during half-day workshops to execute the following:

Z

Management Layout

Review Management Group and subscription hierarchy to determine proper inheritance structure

Z

RBAC Design

Design least privilege requirements for teams in Azure

Z

Policy Design

Design initial policies required to put guardrails up in the environment

Z

IaC Review

Review capabilities of Infrastructure as Code solutions

Z

IaaS Design

Design requirements for IaaS deployments (VMs, Storage, Networking)

Z

PaaS Design

Design requirements for common PaaS deployments (App Services, Key Vaults, Automation, SQL, etc.)

Z

Monitoring Review

Review logging with first- and third-party solutions

Z

Cost Management Review

Design budgeting best practices and alerting

STEP 2

Implement

The flexibility of this offering allows your team to handle as much, or as little of the implementation as you’d like. Whether you’re strictly looking for oversight and guidance, or complete execution of all resources, our team can support your Azure Landing Zone deployment. 

Guidance Only

Regular review meetings every 1-2 weeks to determine status of deployment and support your team as they execute.

Light Touch

Our team will help with the deployment of management hierarchy, deploy and create initial test resources, and deploy, validate, and create a portion of the client’s production resources.

Turnkey

Netrix will deploy, validate, and create all client resources in Azure.

STEP 3

Manage

Azure Landing Zones not only require an upfront implementation to define policies but also require careful ongoing management to ensure your policies evolve as your goals and needs do. Netrix provides ongoing oversight for three key components of your Azure Landing Zones.

Azure Policy Monitoring

Monthly review of Azure Policy compliance, exemptions, and coverage with exemption management.

Azure Advisor Monitoring

Review Azure Advisor recommendations for cost, security, reliability, operational excellence, and performance and cleanup recommendations as
needed.

Infrastructure as Code Management

Update IaC templates to fix deployment issues and create new IaC templates quarterly.

5 Reasons to Migrate to the Cloud

The cloud isn't new, but many organizations have yet to migrate their workloads and operations. Transformation can seem like a daunting task and cost fears and resource limitations can leave organizations hesitant to realize the benefits. Check out our whitepaper covering five reasons migrating to the cloud can set your business up for growth and success. 

Why work with Netrix?

Tightly Integrated and Longstanding Microsoft Partnership

Since 2005, Netrix has provided engineering expertise, complementary solutions, and supporting services for the Microsoft technology stack. As a Microsoft Gold Partner, we have the expertise to deploy and support your team’s new or existing Microsoft infrastructure.

Specialized Migration Partner in the Azure Migration & Modernization Program

As a member of AMMP, Netrix provides the right mix of best practice guidance, resources, and expert help at every stage of your cloud journey. We meet customers wherever they are in their cloud journey so you can move forward with confidence - right from planning the move to making it happen successfully. 

 

Frequently Asked Questions

What are the requirements to participate?

  • Participation by multiple teams including security, networking,
    applications, etc.
  • 8-12 hours per week for 2-3 weeks for design
  • Continued participation 1-2 times per week for implementation 

What will Landing Zones help with?

Azure Landing Zones are a solution for Azure users who struggle with:

  • Governance
  • Policies
  • Total Cost of Ownership
  • Security

Why should I get support when implementing Landing Zones?

The risks of doing it yourself if your team isn’t well versed in Landing Zones,
include:

  • Providing over permissions that can affect resources users shouldn’t have access to, leading to deletes, moves, and changes your IT department hasn’t sanctioned
  • Incorrect policies can lead to users spinning up unapproved or nonbudgeted services which lead to higher bills
  • Under-permissioned users can lead to experience issues and disruptions to business processes
  • Without proper Landing Zones, your Azure environment could lack a security baseline