Multi-Region Implementation

Multi-Region Implementation

Introduction

As an organization you might want to store and process data in a region other than the current default West Europe. This might be needed because regulation and collaboration requirements. Or that certain services you need can only run in a different region. Or for any other reason that is important to you.

myDRE will soon support multi-region

anDREa has designed a solution that when a new Subscription is being added to the anDREa AAD, the region can be set for that Subscription. Since an organization can have multiple subscriptions in effect anDREa offers multi-region support.


Each subscription, and all its resources, is tied to one and only one region.
  1. Easy audit: all workspaces in a subscription store and process their data in the same region.
  2. Each tenant will get per region an audit database

Please click for the most current list of supported Microsoft Azure Regions
  1. The selection in the link is Europe, feel free to explore other Regions.
  2. Also have in mind what type of resources are needed, for instance NC-series VMs (GPU), is not supported in every Region; change the selection on your requirements.

Important!
For now all the traffic involved in ingress and egress will still go through West Europe, anDREa believes this is for now acceptable because:
  1. anDREa has not have any clients outside the EER that might require this
  2. West Europe is EER
  3. The ingress and egress traffic and temporarily storage is encrypted
If/when this becomes an issue, anDREa will find a solution to ensure that the data involved in ingress/egress will be handled in the region the Subscription resides.



    • Related Articles

    • Available Microsoft Regions

      Introduction As an organization you might want to store and process data in a region other than the current default West Europe. This might be needed because regulation and collaboration requirements. Or that certain services you need can only run in ...

    • Location of data storage and processing

      First version: 2022-09-22 Last updated: 2023-10-26 Last change: Addition of screenshot; alert at the bottom of the article. Approval: 2023-10-26 Classification: Low Please contact us if you want to receive a copy of (an) earlier version(s). Data ...

    • myDRE Highlevel Architecture

      Introduction This article describes the myDRE High-level Architecture. Note: Development, Acceptance, and Production are separated environments. Description Compute Infrastructure. myDRE.org Portal serves as the frontend for the solution offering ...

    • Subscription Enrollment

      Introduction myDRE is designed to work with one or more Microsoft Azure subscriptions of the Tenant (=client); all the Workspaces and related resources of the Tenant are deployed in those Subscriptions. This document describes the full process, which ...

    • myDRE and IAM

      Current implementation Every user will get their own @mydre.org username. Security - every user is subject to the same policies No guest-accounts Minimally every 24h Multi-Factor Authentication (MFA) is required Trusted devices cannot be created ...