SIVARO

What Exactly Does Azure Do? (A Practitioner's Guide)

You're building something. Maybe it's a data pipeline that needs to handle 50 million events a day. Maybe it's an AI system that has to make real-time decisi...

what exactly does azure practitioner's guide)
By Nishaant Dixit
What Exactly Does Azure Do? (A Practitioner's Guide)

What Exactly Does Azure Do? (A Practitioner's Guide)

What Exactly Does Azure Do? (A Practitioner's Guide)

You're building something. Maybe it's a data pipeline that needs to handle 50 million events a day. Maybe it's an AI system that has to make real-time decisions. Or maybe you're still trying to figure out why your database keeps falling over at 3 AM.

And somewhere in that mess, someone said "just use Azure." But no one actually explained what exactly does Azure do? in plain language.

I'm Nishaant Dixit. At SIVARO, we've been building production systems on Azure since 2018 — data infrastructure that processes 200K events per second, AI pipelines that serve millions of predictions daily. We've made every mistake you can make. Expensive ones.

Here's what I wish someone had told me.

Azure is a collection of cloud services — roughly 200+ products — that let you run software without owning hardware. But that's like saying a car "moves things." The real question is: what exactly does Azure do? that matters to you?

It provides compute (virtual machines, containers, serverless functions), storage (blobs, databases, caches, file shares), networking (load balancers, VPNs, DNS), and AI/ML infrastructure (GPU clusters, pre-built models, training pipelines). But the key insight — the one that cost us $40K to learn — is that Azure is designed for enterprise integration first. It's not the sexiest cloud. It's the one that plays nice with Active Directory, SQL Server, and your legacy ERP.

Compute Options: More Than Just VMs

Let's start with the basics. You need somewhere to run code. Azure gives you four main paths.

Virtual Machines are the old standby. You pick a size (say, Standard_D8s_v3: 8 vCPUs, 32GB RAM), an OS, and you're running. We use these for legacy workloads that need specific OS patches or licensed software. Cost: roughly $0.38/hour for that D8s_v3.

App Service is for web apps. You deploy code (Node, Python, .NET, Java) and Azure handles scaling, patching, and load balancing. We run a customer-facing dashboard here — 99.99% SLA, auto-scales from 1 to 20 instances. Cost: ~$70/month for the basic tier.

Azure Kubernetes Service (AKS) is where things get real. You define your containers, Azure manages the control plane, and you get auto-scaling, rolling updates, and service discovery. We run our real-time data processing pipeline here — 30+ microservices, 400 pods, handling 200K events/sec. Costs vary wildly — our AKS cluster runs about $1,200/month in node costs, plus $73/month for the control plane.

Azure Functions is serverless. Write a function, upload it, and Azure runs it only when triggered. Great for event processing, webhooks, or periodic tasks. We use this for data validation — each incoming event triggers a function that checks schema, deduplicates, and routes. Cost: pennies per million executions.

Here's what I'd tell you: start with App Service or Functions. Move to AKS when you need fine-grained control over scaling or network policies. Avoid VMs unless you really need them.

Storage: The Part Nobody Gets Right

I've seen teams burn $10K/month on storage because they picked the wrong tier. Let's fix that.

Azure Blob Storage is object storage — think S3 but with Azure's cooler names. Three tiers: Hot (frequent access, lowest read cost), Cool (infrequent access, lower storage cost), Archive (cheapest storage, higher retrieval cost). We keep 30 days of raw event data in Hot, 90 days in Cool, everything else in Archive. Monthly cost: ~$200 for 10TB across tiers. Retrieval from Archive takes 1-15 hours.

Azure SQL Database is managed SQL Server. We run our operational database here — handles 10K transactions/second, automatic backups to 35 days, point-in-time restore. Cost: ~$400/month for a basic production instance. Pro tip: use the serverless tier for dev/test — cost drops 70% when no one's querying.

Cosmos DB is their NoSQL offering. Multi-region, multi-model (document, graph, table, Cassandra API). We use it for our session store — needs 99.999% availability and <10ms reads. Cost: ~$1,200/month for a single-region deployment with 10K RU/s. Cross-region replication doubles that.

Azure Cache for Redis is for caching. Sub-ms response times. We use it behind our API gateway — reduces database load by 80%. Cost: ~$150/month for a 6GB cache.

The mistake I see most: putting everything in Hot Blob Storage because it's easy. Pay attention to access patterns. Use Cool and Archive. Your CFO will thank you.

Networking and Identity: The Hidden Costs

Azure's networking isn't glamorous. But it's where most of your problems live.

Virtual Networks (VNets) isolate your resources. You create a VNet, assign subnets (10.0.1.0/24 for web tier, 10.0.2.0/24 for database), and control traffic with Network Security Groups. We learned this the hard way — didn't isolate dev from prod early enough, a dev VM got compromised, and someone's crypto-miner ran up a $5K bill. VNet peering costs $0.01/GB for cross-region traffic.

Azure Active Directory (now Entra ID) handles authentication. It's the same identity system that powers Office 365. You can sync your on-prem AD, enable SSO, set conditional access policies. For us, this is non-negotiable — every API call goes through Entra ID authentication. Setup: about a day for a small team. Ongoing: $6/user/month for the Premium P1 tier (includes MFA and conditional access).

Azure DNS is cheap — $0.50 per domain per month. But DNS gets weird at scale. We had a DNS resolution issue that caused 10-second delays during traffic spikes. Solution: use Azure DNS Private Resolver for internal queries, and tune TTLs to 60 seconds for production.

The contrarian take: don't over-engineer networking upfront. Start with a single VNet, one subnet per tier, public endpoints behind Azure Front Door (a global load balancer). Add private endpoints and VPNs later when you need them. We went from that to a hub-spoke topology with 5 VNets over 18 months. You don't need it on day one.

AI and Machine Learning: Where Azure Actually Shines

I'll be direct: Azure's AI services saved us months of work. And they'll do the same for you — if you use them right.

Azure Machine Learning is a platform for training, deploying, and managing models. We used it to train a fraud detection model — 500GB of transaction data, 10M features, running on a cluster of 8 NC6s_v3 GPUs (NVIDIA Tesla V100, 16GB each). Training time: 12 hours. Cost: ~$400. Without Azure ML, you're managing GPU drivers, job queues, and model versioning yourself. I've done that. Never again.

Azure Cognitive Services are pre-built AI APIs. Text analytics, computer vision, speech-to-text, etc. We use the Form Recognizer service to extract data from PDF invoices — 99.7% field extraction accuracy on our documents. Cost: $1.50 per 1000 pages for the basic tier. Building this from scratch? You're looking at 3 months and $50K.

Azure OpenAI Service is where Microsoft makes its bet. It's the same GPT-4, DALL-E, and Embeddings models from OpenAI, but hosted on Azure infrastructure with data residency guarantees and enterprise SLAs. We use GPT-4 for a search enhancement system — takes natural language queries, generates SQL, runs the query. Latency: ~2 seconds per query. Cost: ~$0.03 per 1K tokens (GPT-4 8K context). You get Azure's security controls (private endpoints, managed identity, audit logs) on top of the AI model.

The trade-off: Azure ML is powerful but complex. The learning curve is steep. We lost two weeks to a deployment configuration issue. Cognitive Services are easy but limited — you can't fine-tune some models. OpenAI Service is expensive for high-volume use — 1M tokens/day costs about $90.

Data and Analytics: The Hidden Workhorse

Data and Analytics: The Hidden Workhorse

Most people think Azure is just VMs and storage. But their data stack is legitimately good.

Azure Synapse Analytics is their big data platform. Unified SQL analytics, Apache Spark, and pipelines. We process 200K events/sec through Synapse Pipelines — ingests from Event Hubs, transforms with Spark, loads to SQL. Cost: ~$1,000/month for a moderate workload. The batch processing is solid, but real-time is tricky — Spark streaming adds 30-60 second latency.

Azure Data Factory is ETL/ELT orchestration. We have 200+ pipelines moving data from on-prem SQL Server, Salesforce, and REST APIs to Azure SQL and Blob Storage. Cost: ~$200/month for 100M activity operations. The drag-and-drop UI is decent for simple flows, but you'll write JSON for complex transformations.

Azure Event Hubs handles high-throughput event ingestion. 1MB/sec per throughput unit (TU), auto-inflate. We use 20 TUs for our pipeline — $160/month. Kafka-compatible, so you can use existing Kafka clients. Latency: <10ms for small messages.

Azure Data Lake Storage Gen2 is Blob Storage with a hierarchical namespace. You get directory-level permissions, HDFS compatibility, and cheaper storage than hot blob. We keep historical data here — 500TB, growing 5TB/month. Cost: ~$5,000/month.

The practical insight: start with Event Hubs + Blob Storage for raw data. Use Data Factory for orchestration. Add Synapse when you need ad-hoc SQL queries on large data. Don't build a Lambda Architecture on day one — you don't need real-time and batch processing until you hit scale.

Security and Compliance: Why Enterprises Choose Azure

This is Azure's killer feature. And it's boring. But it matters more than any fancy AI.

Azure has 90+ compliance offerings — more than AWS or GCP. SOC 1/2/3, ISO 27001, PCI DSS Level 1, FedRAMP, HIPAA BAA, GDPR, and 40 regional standards. If your customer is a bank, healthcare provider, or government agency, they'll ask about this.

Azure Policy enforces rules at scale. For example: "All storage accounts must have encryption enabled." You create a policy, assign it to a subscription, and Azure audits every new resource. Non-compliant resources get flagged (or denied, if you set the effect that way). We use 40+ policies — saved us from two security incidents.

Azure Security Center (now Microsoft Defender for Cloud) provides threat detection and vulnerability assessment. It flagged a misconfigured firewall on a dev server — public access to a database. Cost: $15/server/month for the basic tier. Worth it.

Azure Key Vault manages secrets — API keys, database passwords, certificates. Access is controlled by Entra ID, and you get full audit logs. We moved all secrets here in 2021. No more "I found the production DB password in a Slack message" horror stories.

The reality: setting all this up is work. Our security configuration took 3 months of dedicated engineering time. But it's work you'd have to do anyway — Azure makes it faster and more consistent than rolling your own.

Pricing: The Ugly Truth

I'll be blunt: Azure pricing is confusing. And expensive if you're not careful.

Compute costs are straightforward by the hour. Storage costs are cheap. But data egress (traffic leaving Azure) can kill you. Outbound data transfer is $0.05-$0.12/GB depending on region. We had a $4K bill one month from a misconfigured data export job.

Reserved Instances save you up to 72% on VMs if you commit to 1 or 3 years. We reserve 80% of our compute — costs $18K/month instead of $35K. Spot VMs are 90% cheaper but can be reclaimed — use them for batch jobs.

Cost management tip: Azure Cost Management + Billing is actually decent. Set budgets ($500/month per dev environment), get alerts at 80% and 100%, and review weekly. We do this and caught a $2K anomaly (someone provisioned GPU instances for testing).

FAQ

What exactly does Azure do?
Azure is a cloud computing platform from Microsoft. It provides compute, storage, networking, AI, and analytics services on demand. You rent resources instead of buying hardware.

Is Azure better than AWS?
Depends on your stack. If you're a Microsoft shop (Windows, SQL Server, Active Directory, .NET), Azure integrates natively — lower latency, better security, simpler licensing. If you're Linux-heavy or need unspecialized services, AWS has more options. We use both — Azure for core data and AI, AWS for some ML training.

How much does Azure cost?
From $0 (free tier: 1M function calls/month, 5GB blob storage) to $100K+/month for enterprise deployments. Our production stack runs ~$8K/month across 50+ services.

Can I run Kubernetes on Azure?
Yes, via AKS (Azure Kubernetes Service). It's a managed Kubernetes cluster — Azure handles the control plane, you pay for worker nodes. We run 400+ pods on AKS.

What about AI?
Azure has Azure ML for custom model training, Cognitive Services for pre-built AI (speech, vision, text), and Azure OpenAI Service for GPT-4 and other OpenAI models. We use all three.

Is Azure secure for healthcare/finance?
Yes — HIPAA BAA, PCI DSS Level 1, SOC 2 Type II, FedRAMP. Azure has 90+ compliance certifications. You'll still need to configure security properly, but the platform supports it.

How long does it take to learn Azure?
Basic proficiency (provision VMs, storage, networking) takes 2-4 weeks. Deep expertise (AKS, security, cost optimization) takes 6-12 months. We still learn new things monthly.

What's the biggest mistake companies make on Azure?
Not setting up cost alerts and governance policies. We see $10K+ surprise bills from orphaned resources, oversized VMs, or data egress. Spend the first week on governance.

Final Advice

Final Advice

What exactly does Azure do? It gives you infrastructure you don't have to own. But it doesn't make your architecture decisions for you.

Start small. Use App Service for web apps. Use Functions for event processing. Use Blob Storage for data. Add AKS, Cosmos DB, and ML services when you hit real bottlenecks.

Don't over-architect on day one. We've rebuilt our infrastructure three times in six years. Each rebuild was necessary. But you can't know what you need until you're running at scale.

And for god's sake, set up cost alerts. Your future self (or your CTO) will thank you.

Azure is a tool. A powerful one. But it's still just infrastructure. The hard work — understanding your data, designing your system, knowing when to optimize vs. when to ship — that's on you.

I've been building on Azure since its early days. I've seen teams succeed spectacularly (one customer processes 2B events/day) and fail expensively (a startup burned $200K in three months on underutilized GPUs). The difference wasn't the cloud provider. It was knowing what to build and what to buy.

Now you know what exactly does Azure do? Go build something.

Nishaant Dixit — Founder of SIVARO. Building data infrastructure and production AI systems since 2018. Built systems processing 200K events/sec.

Free · No Commitment · 48-Hour Delivery

Get a free infrastructure audit

2-hour remote session. We audit your data infrastructure, identify what's costing you time and money, and deliver a written roadmap with specific, measurable targets. No pitch.

Book Your Free Audit
N
Nishaant Dixit
Founder & Lead Engineer at SIVARO

Building data-intensive systems since 2018. 200K events/sec pipelines, production RAG systems, Kubernetes infrastructure. LinkedIn →

Start a Project
Need help with your infrastructure?

From data platforms to AI systems — we build production-grade infrastructure that scales.

Explore Our Services