Deploying and Operating Windows Applications Correctly and Securely on AWS

By David Boland and Jared Reimer

March 30, 2019

Migrating Microsoft Windows applications to the cloud is often a frustrating and expensive process. The failure / rollback rate for these projects is far higher than most people realize. There are a variety of factors which make Windows app migrations particularly error-prone: key hosting platform differences, legacy application architecture, antiquated security infrastructure, and a lack of automation-centric operations experience. Many Windows applications were written before the cloud era and make flawed assumptions about the stability and durability of the underlying infrastructure; these design assumptions are almost invariably inconsistent with best current practices around cloud-native architecture and infrastructure operations.


Microsoft Windows workloads tend to be the most incorrectly deployed and operated workloads. Historically, Windows ecosystem users did not have heavy scripting and automation backgrounds – most deployments are one-offs, with no clear record of the system state or changes made over time. Most of the time, these deployments are also very long-running, maintained with patches and manual maintenance rather than frequent refreshes via redeployment.

Correctly migrating yesterday’s app to today’s cloud platform is almost never as simple as “lift and shift” VM conversion – despite what those with a financial motive may publicize, this is almost always the wrong thing to do. When migrating Microsoft workloads into the cloud, companies need to make sure those workloads maintain functionality, consistency, and security. The vast majority – perhaps as many as 90% – of these workload migrations are done incorrectly or, at a minimum, in a non-repeatable fashion that creates and perpetuates technical debt. One-off manual redeployments, “lift and shift” VM conversions, overprovisioned cloud resources, and a lack of per-application security are among the most common problems Cascadeo encounters in client cloud migration initiatives.

The challenge becomes migrating without duplicating these legacy issues in the cloud. How do we quickly and painlessly deploy Microsoft workloads to AWS in a repeatable, consistent, reliable, and highly functional way? This is particularly problematic with legacy Windows applications, many of which assume a shared filesystem mounted read/write to each application server. This legacy architecture is problematic for a number of reasons, including the scalability, security, cost, and blast radius concerns associated with any sort of networked filesystem.


Enter Cloud Volumes Service for AWS – a consumption-oriented cloud service available through AWS Marketplace. NetApp Cloud Volumes Service for AWS is a fully managed cloud service that enables you to move your workloads and applications to the cloud and manage them with ease. Cloud Volumes Service removes obstacles so you can move more of your file-based applications to the cloud. It provides a solution to the problem of shared storage for Windows Server for AWS without all the overhead and administration involved with an in-house solution.

Cascadeo automated the deployment of Cloud Volumes Service as a part of a larger CloudFormation-driven solution framework. Automations, not mouse clicks, are used to create a CVS volume and connect it to a hardened, well-architected Windows workload. These volumes are delivered as a cloud service by NetApp into your Windows instance, just as easily as any other Windows file share. Now, delivery comes as a consumption-oriented SaaS or PaaS service instead of a retail product you would buy and deploy into your own data center. With Cloud Volumes Service, you’ll experience the same tools and security as on-prem, delivered as a professionally managed service by NetApp.

Managed Cloud Operations for Windows + CVS Workloads on AWS

With NetApp operationally responsible for durable, high-performance cloud file storage, Cascadeo steps in to support operations for the application workload via the platform for cloud managed services. Unlike other managed services providers, Cascadeo doesn’t replace your tools, infrastructure, or monitoring framework. Instead, the approach is to stream operational data into Cascadeo’s SaaS Analytics backend and provide support built on whatever tools clients already have.

For those lacking modern IT telemetry infrastructure, Cascadeo deploys tools automatically via Terraform-driven automation. This reduces the time to full MSP operations from weeks to minutes, and reduces the client’s deployment expense to a tiny fraction of what a professional services engagement would require.


Cascadeo is an AWS Premier Consulting Partner and Managed Services Provider based in Seattle, WA with a secondary headquarters in metro Manila (Philippines). The 13-year-old company has worked with well over a hundred enterprise clients across the US, Europe, and APAC regions to successfully design and deploy solutions to public cloud environments. As a cloud-first partner to NetApp, Cascadeo recommends and implements solutions from a variety of vendors – but is not a VAR or reseller, and focuses exclusively on finding the right product(s) for a given customer engagement. Put differently, Cascadeo is less concerned with selling product and more concerned with solving the client’s problem correctly and efficiently, setting them up for long-term success rather than focusing on near-term revenue or platform adoption.

Together, NetApp and Cascadeo keep your files and Windows applications connected, accessible, monitored, and competently operated in the cloud.

To learn more about NetApp and Cascadeo migrating workloads into AWS, check out the following demo.

About NetApp Cloud Volumes Service

Cloud Volumes Service simplifies data migration from on-prem without rearchitecting your applications, including support for NFS3 and SMB protocols. You get fast file-storage performance with a choice of three (3) performance levels: standard, premium, and extreme, with the ability to change performance on the fly as your applications demand it. It provides rich features such as snapshots, clones, and backup capabilities that help you to better manage your applications. If you’re ready to use a solution for shared storage for Windows Server in AWS, sign up for Cloud Volumes Service for AWS.

About Cascadeo

Cascadeo is a Cloud DevOps engineering firm focused on taking care of your cloud deployments so you can focus on building your products and services. We work with you at every stage of your initiative, from the definition of your cloud strategy through to the design, build, CI/CD automation and management of your Cloud deployment. We understand how to build towards operability and align with your business model, objectives and roadmap to ensure your success at every stage of your growth.