When we build an infra, it is built for an organization & the people who runs the organization. Infra is considered as the core or a backbone part of the entire workflow. Infra should be designed in a way to ease user workflow.

Keeping this in mind Infra design is dependent on many key component which involves -

1. The product offered
2. Number of users involved
3. Domain on which the organization operates
4. Various security concerns related to Organization & the data being used in the Organization.

So, there are various approach of preparing a robust infrastructure and also make it secure, scalable at any given time. We have tried to mention briefly the approaches below -

1. On-Premise Infrastructure - In this type of infrastructure all the servers & services are hosted on premise at a location.
2. Hybrid Infrastructure - In this type of infrastructure there are servers which are hosted on premise and in cloud too depending on the requirements. Here the on-prem infra is connected to any cloud provider using site to site VPN. This approach is mainly used by the company having a legacy infra build on-prem but have plans to migrate to cloud in future.
3. Cloud Infrastructure - The infrastructure is completely hosted on cloud.

This was all about what infra we are setting up. Now let’s see would be the services will be hosted.

For a new organization the main essential component for managing the computers and employee account with security will be building an Active directory. This is the first step after setting up the network on premise. When building active directory the best way to create is to build a Windows domain controller on premise and then connect it to Microsoft Azure AD. This approach will provide the best flexibility and user experience without compromising the security.

An Active directory will hold all the details about computers and users in an organization. The computers will be joined to the domain which will help manage the policy & security centrally.

When the on-prem AD is connected to azure ad all the user and computers account created in on-prem AD is synced with azure ad which provides single sign on experience to the users. By this SSO experience users can access any of the SAAS application which are hosted in cloud using there organization account (If configured by the organization). This provides great amount of flexibility in setting the application for the users.

Other than this there are various approach for cloud infrastructure which can be implemented depending on the needs of the organization.

We would love to discuss more about this.