Landing zone: 4-Wk connectivity implementation

MatrixMind B.V.

Landing zone implementation including connectivity services by using MatrixMind CloudHub

MatrixMind build the Azure Landing zone based on pre-factored survey and quick scan. The default approach is the delivery of pre-factored solution. The default scope is “Plan & Ready”. This will include the inventory, organizational alignment, get familiar with Azure Landing zone and build it. The default solution includes:

  1. Landing zone foundation for workloads management
  2. Landing zone for workloads Azure Landing zone foundation is implemented with 3 subscriptions for Connectivity, Identity and Management o In the Connectivity subscription the ExpressRoute will be enabled by using MatrixMind CloudHub o In the Identity subscription the IAM is arranged for MatrixMind managed connectivity services o In the Management subscriptions the tooling is enabled to managed environment
  • Each of these subscriptions will have default set of Resource groups and resources o Network resource group o Foundation resource group for key vault and diagnostic purposes The Connectivity subscription will have additional Resource groups and resources related to connectivity and Security. In MatrixMind case Azure Firewall Premium or Palo Alto Network Next Generation Firewall Azure Landing zone for workloads is implemented with minimum 3 subscriptions: Sandbox, Production and NonProduction.
  • Each of these subscriptions will have default set of Resource groups and resources Azure Landing zone – Managed connectivity integrates the customer infrastructure via MatrixMind connectivity services (CloudHub). The design is based on Azure vWAN. The CloudHub is completely based on private connections from Eurofiber, InterXion, Equinix and our network-partners. The customer will receive secure, reliable and high-quality network, completely separated from the Public Internet. The CloudHub offers:
  • ExpressRoute, Ethernet/Internet, Direct peering to all available SaaS or other providers by Eurofiber, InterXion, Equinix
  • Direct peering to AMS-IX and NL-IX
  • Peering with 1800 Network