High Level Migration Plan

Test Seamless Authentication

  • Provision subnets, web application firewall and access controls in customer’s Azure subscription
  • Establish a VPN or Azure Express Route connecting Customer’s on-premises domain controllers with Customer’s Azure subscription
  • Provision Azure VMs and replicate then with Customer’s domain controllers
  • Deploy in Azure a sample web application and a Remote Desktop server  as well as security servers for monitoring, scanning, security administration, gateways and proxies
  • Ensure that Customer users are able to authenticate to the sample web application, using their same username and password
  • Test Access over Express Route for users on Customer’s on-premises network
  • If allowed, test access from the internet for users not on Customer’s network


Test a Lift-and-Shift

  • Create subnets in Azure that mirror customer’s on-premises network subnets. keep them isolated from the internet, the Azure domain controllers, and Customer’s on-premises network
  • Do a Lift and Shift Migration
  • Assist customer in creating a VHD image of each on-premises servers to be migrated, including domain controllers
  • Upload images to Azure or use Azure Import Service
  • Use images to provision servers in the isolated Azure subnet
  • Since the Azure servers are isolated, customer’s on-premises AD servers will not get confused about having 2 exact copies (with the same names, IPs etc.) of each server
  • Take full backups of on-premises databases, upload then to Azure and restore them
  • From the Remote Desktop server created in step one, customer user access the isolated Azure deployment and verify functionality


Final Migration (Preparation)

  • Freeze any system level changes to customer’s on-premises servers
  • Repeat lift and shift migration steps preformed in testing and verify functionality
  • Remove access to customer’s on-premises environments
  • Take full backups of on-premises databases, upload them to Azure and restore them
  • Verify all application functionality and data access (Still using Remote Desktop Access)


Final Migration (Cut-Over)

  • Shutdown on-premises servers, except domain controllers
  • Connect the migrate servers (except the static copies of domain controllers) to customer’s network and the domain controllers established in Microsoft Azure in Step 1. If allowed, also enable access to the internet
  • Change DNS records as customer’s site to point to the Cloud
  • Verify full functionality, authentication and access to the Cloud

Ongoing Azure Managed Services

  • Azure Performance Management
  • Azure Security Management
  • Azure Access & Application Management


Optional Compliance Services

  • Documentation of HIPAA & HITRUST Security Controls
  • HIPAA & HITRUST Assessment Management

Healthcare Providers Cloud
Healthcare Payers Cloud
Medical Devices Cloud
Healthcare ISV Cloud