How to optimize cloud operations in Microsoft Azure

ServiceNow has embraced a three-zero strategy for its digital technology operations: zero unplanned outages, zero physical footprints, and zero user-reported incidents. We adopted a cloud-first policy as part of our zero-physical-footprint strategy. This approach delivers the operational agility we need as a growing company—we can add capacity on demand. With a data-center approach, that would take weeks or months.

By moving our business-critical applications to Microsoft Azure, we’ve improved the user experience, increased application performance, and added redundancy to help avoid unplanned outages. But the migration story doesn’t end there. Just as crucial is how we optimize cloud operations after the migration is complete.

The Now Platform has been invaluable in managing our cloud presence post migration. We use ServiceNow Cloud Insights for dynamic, real-time insights into our Azure consumption and operational costs and ServiceNow Security Operations for cyber resilience and vulnerability management.

Post-migration considerations

The migration of our enterprise resource planning (ERP), database, and analytics workloads to Azure was seamless, with no performance or data integrity issues. We completed the final cutover within 24 hours, saving $650,000 and 16 months of project work.

One of the significant benefits of moving to the cloud is its scalability. Traffic spikes are handled with ease. However, moving to the cloud can be expensive, especially as our operations grow. We need to be smart about how we manage our operations to avoid spiraling costs. Post migration, we undertook a new phase: optimization. This is critical to any public cloud migration, especially during the first three months.

We had three goals for our cloud optimization: increase performance/availability, reduce costs, and ensure security. We began by asking simple questions:

• Were our virtual machines (VMs) operating efficiently?

• Was there excess capacity, or were the VMs “right-sized”?

• Could we reduce CPU and memory costs?

We monitored our high-cost, solid-state storage to ensure we weren’t paying for anything we didn’t need. By moving data from premium to cheaper storage, we were able to reduce our costs. Because of our cloud-first approach, we also implemented a zero-trust network that helped us shrink our firewall fleet by 90%.  

To make decisions, we rely on Microsoft Power BI, which feeds data to ServiceNow Cloud Insights. That gives us dynamic, real-time insights into our Azure consumption and operational costs. With Microsoft Power BI, managing our cloud presence efficiently is much easier.

Intelligent dashboard

Once our business-critical applications were running in the cloud, we created our own Cloud Center of Excellence (CCoE), a central governance dashboard running on the Now Platform. We use it to identify, track, and manage all our cloud assets and weigh workload performance against costs.

The dashboard also provides a central hub for developer automation tools. Developers can order a VM from our service catalog, selecting the cloud provider and the proper VM spec. The fulfillment process is automated from request through provisioning. Integrations with Terraform and Ansible enable us to automate processes, saving valuable time. What used to take days or weeks now takes minutes.

The dashboard delivers many benefits: self-service VM provisioning, automated chargeback costs and approvals, and standard processing. This in turn reduces friction between IT and the business regarding resourcing and scheduling.

Security at the core

Automating security was another major consideration in our optimization strategy. We use the CCoE portal to manage our vulnerability remediation. From the dashboard, employees can initiate action on vulnerable workloads, including automated patching.

We use micro-segmentation on production workloads to protect dataflows and policy deployment across our environment. We also use ServiceNow Vulnerability Response to manage our integration of ServiceNow Incident Management with Microsoft Teams to improve cross-team collaboration. 

We rely on ServiceNow Security Operations to secure our infrastructure by automatically deploying security patches to our VMs and monitoring for emerging security threats. To date, we’ve decreased our security risk. To reduce unplanned outages, we use ServiceNow Agent Client Collector and ServiceNow Health Log Analytics, which help predict service issues before they occur and automatically remediate them when possible.

We also use Azure Kubernetes Service (AKS) and Azure API Gateway to easily integrate the Now Platform with third-party security products to achieve scalability in our daily cloud operations

A unified approach to post-migration

The three months following an Azure migration are just as important as the migration itself. Cloud optimization is vital to maximizing performance, controlling costs, and having a strong security posture. We’re confident knowing that we pay for what we use and can quickly eliminate excess capacity as we grow.

We mitigate security threats and unexpected outages by protecting our infrastructure from bad actors. Fine-tuning these areas immediately after the migration was crucial in our journey to modernize our cloud footprint.

Find out more about our partnership with Microsoft and how we run our business on ServiceNow.

© 2023 ServiceNow, Inc. All rights reserved. ServiceNow, the ServiceNow logo, Now, and other ServiceNow marks are trademarks and/or registered trademarks of ServiceNow, Inc. in the United States and/or other countries. Other company names, product names, and logos may be trademarks of the respective companies with which they are associated.