Enterprise Strategy Consulting

Infront’s Solution Architects meet with our customers and spend as much time as needed to understand their priorities and discuss options, highlighting recommendations and discussing pros and cons to each. A ship without a rudder is destined to end up on the rocks at some point. Infront can help you to determine your strategy and then assist you with the execution of the strategy and measurement and tracking of your success.

Infront has developed ‘Stop Clock Dev’ as a solution to help our customers achieve more through automation. Ask us how our Stop Clock Dev solution can help your team achieve more.

Cloud, Datacenter, Mobility & Managed Services

Your IT direction should be driven through logical, business decisions and not the direction of software vendors. Infront can work with you to understand your IT vision, make recommendations based on what we’ve seen work and not work. Whether it’s Cloud, on-premise Datacenter or something hybrid, let’s work to prioritize your requirements and recommend solution options.

If you’ve chosen your direction and you are looking for packaged offerings to accelerate your progress, we can assist here as well.

Cerulean – Retail PoS Patching

Infront’s Cerulean solution allows retailers to manage the patching of their Point of Sale and Windows Embedded systems from Azure. Achieve compliance and reduce your attack surface by staying current with security updates. Avoid costly PCI penalties and fines.

Managed PKI in Azure

Infront’s Managed PKI solution allows customers to improve the security in their environment through the use of certificates. Multi-factor authentication is a defence in depth strategy that reduces security threats.

Disaster Recovery as a Service

Infront can provide Disaster Recovery as a Service (DRaaS) to customers, allowing them to reduce their costly, annual expenses in Disaster Recovery facilities, hardware and network connectivity costs as well as automate the provisioning of their systems in the event of a disaster.

SCOM as a Managed Service

Good monitoring tools are fantastic at generating alerts but without ongoing tuning, your operations team can drown in alerts and begin ignoring them, crippling the benefits of the monitoring tool. Infront can manage the tuning, agent deployment and Management Pack configuration to get the actionable alerts out to the right people.

Blockchain is claimed as the next big disruption in technology and in almost all industries. A Blockchain facilitates secure online transactions.

A Blockchain is a decentralized and distributed digital ledger that is used to record transactions across many computers so that the record cannot be altered retroactively without the alteration of all subsequent blocks and the collusion of the network. Bitcoin and Ethereum are the two most popular and largest implementation of Blockchain. Ethereum takes Blockchain further by extending it to use Smart Contracts and develops a decentralized application. Smart Contracts can be written to create industry-specific solutions that can help disrupt, remove intermediaries and bring consumers and producers on the same platform. This has the same effect as Napster had in the music industry.

Infront can help you and your organization to ideate, architect, design, build, deploy and operate Ethereum based decentralized applications. It can conduct workshops with CXO’s to bring clarity and initiate thought processes to get started on this journey. Infront can also help build Smart Contracts and provide consulting services on Blockchain based solutions.

Office 365 Advanced Threat Protection

Simply put, no organization can ignore, delegate, delay, deny or dismiss security. It is everyone’s job to have security on their mind, but security has to be the top concern for the IT department as a breach causes damaging publicity, expensive mitigation, business disruption, and most importantly lost customers. Office 365 Advanced Threat Protection (ATP) gives you a quick, effective and affordable way to improve your email security.

$4 Million

$1 Billion

Average cost of data breach. Losses from ransonware in 2016
2016 Cost of Data Breach Study: Global Analysis: Ponemon Institute Vircom.com Blog:The 10 Craziest Cybersecurity Statistics of 2016


$500 billion

Ransomeware attacks per day in 2016

Total global cost of cybercrime

FBI PDF: Ransonware Prevention and Response For Crisis Cybersecurityventures.com 2016 Report: Hackerpocalypse Cybercrime



Security Challenges – The Evolving Threat Landscape

73% of Enterprises

87% of Senior Managers

75%+ of All Network Intrusions

80%+ of Employees


indicated security as a top challenge holding back SaaS adoption admit to regularly uploading work files to a personal email or cloud account are due to compromised user credentials admit to using non-approved SaaS apps in their jobs The median number of days that attackers reside within a victim's network before detection



As hackers around the globe launch increasingly sophisticated attacks, organizations are seeking tools that provide additional protection. Microsoft is pleased to offer customers security capabilities in Microsoft Office 365 with Advanced Threat Protection (ATP), an email filtering service that provides stronger protection against specific types of advanced threats.


Watch Our Secure Informed Worker Demo Now


The Microsoft Approach – Office 365 ATP offers three core features to better secure your email:


Safe Attachments – which protects against unknown malware and viruses


Safe Links – which provides real-time time-of-click protection against malicious URLs


Rich reporting and trace capabilities


Get In Touch

Deploying SCOM

Do you need help with Microsoft System Center Operations Manager Deployment?

Download the Statement of Work
  • 100% remote delivery
  • Timeline for delivery will be determined based on a signed SOW and retainer received
  • Infront will define and implement a very specific architecture that the customer is able to grow and add on to in the future
  • No SCOM Agent remediation (Out of Scope, but can be quoted separately)
  • Infront will coach the customer (via informal knowledge transfer) on how to accomplish some basic tasks and record the sessions for their internal use at a later date.
  • OMS integration can be added, but not in scope

Download SOW

Deploying SCCM

Do you need help with Microsoft System Center Configuration Manager Deployment?

Download the Statement of Work
  • 100% remote delivery
  • Timeline for delivery will be determined based on a signed SOW and retainer received
  • Infront will define and implement a very specific architecture that the customer is able to grow and add on to in the future
  • No SCCM Agent remediation (Out of Scope, but can be quoted separately)
  • Infront will coach the customer (via informal knowledge transfer) on how to accomplish some basic tasks and record the sessions for their internal use at a later date.


Download SOW

SCOM Health Assessment Overview

The System Center 2012 / 2016 Operations Manager (SCOM) Assessment & OMS Readiness report provides insight into the health and configuration of client’s Operations Manager environment and its dependencies. That includes, but is not limited to, SQL Server, client configurations, System Center Operations Manager Management Groups and Servers, the Windows operating system, the network infrastructure, and the physical or virtualized hardware.

The scope of the Health Assessment Dashboard is to assist the SCOM/OMS Administrator in identifying issues and suggesting potential resolutions. Any remediation steps taken can be tracked for effectiveness due to the Near Real-time nature of the Power BI Reports.

By taking this holistic approach, the SCOM/OMS Administrator is better equipped to provide a detailed, accurate picture of their environment, that would not be available by just focusing on an individual component.

Test Drive


Reusable Automation Offerings

Reusable Automation Offerings are Self Service offerings via System Center Service Manager. On-premise Enterprise datacenter management scenarios which Infront has automated and are completely reusable. These are built on System Center Orchestrator and can be converted to PowerShell easily to be used via other automation engines.

Learn More

Azure Automation

Have you moved VMs to Azure IaaS? Are you benefiting from the cost savings in Microsoft’s Azure Hybrid Use Benefit? Most organizations aren’t and they are losing out on potential cost savings.

Learn More

Server Patching as a Service

Compliance & Security has never been most important!

 Allow us to show you how outsourcing your patching will result in
  • Guaranteed compliance
  • Improved security
  • Reduced risk and attack surface
  • Reduced OpEx

Learn More

Security Assessment for 0ffice 365 (O365)

Have you implemented Office 365 (O365) and would like an independent security assessment performed to allow your organization to review any security issues with the vendor that performed the implementation.   Infront Consulting Group Ltd. (Infront) can provide your organization a remote, short, fixed price engagement that will involve a security review of your O365 estate.

Infront will perform the following tasks …

• Perform a security analysis to help identify potential areas where security vulnerabilities exist
• Provide a full inventory of your current O365 security configurations
• Provide a list of recommendations to mitigate identified security risks including:
– Account Breaches
– Elevation of Privileges
– Data Loss
– Malicious Insider
– Phishing/Whaling
– Data Spillage
– Data Deletion
– Password Cracking
– Dormant Account
• Produce an Office 365 Secure Score Report

Please note that Infront will require Global Admin level access temporarily to the O365 tenant to perform a security assessment and review and produce a report based on our findings.

Infront will use Microsoft’s O365 Portal to conduct the security review. Infront will work with you as required and provide a 1-2 hour presentation to management of our findings at the end of the engagement.

The Result: At the end of this engagement, your organization will have a detailed O365 Security Analysis report listing areas of risk and providing details on ways to remediate or eliminate the risk.

Get In Touch

According to Microsoft, Windows 10 adoption is happening at a record pace. With the ambitious goal of having one billion devices running Windows 10 by 2018, the company has put the pressure on enterprises and consumers alike to upgrade.

Even though the move to Windows 10 is inevitable, enterprises can still remain in the driver’s seat with Infront’s approach. Taking a phased approach to Windows 10 allows you to maintain control.

Get In Touch

6 Elements to consider when Deploying Windows 10


Be Prepared: With any migration or upgrade, challenges will arise. Windows 10 migration is no different – so be prepared.
a. Windows-as-a-Service model means preparing for future releases and update cycles.
b. Patching enterprise-wide can lead to significant network bottlenecks that can severely impact business operations for on-premise updates.

Don’t forget your infrastructure.  Is your new software compatible?   Legacy infrastructure can cause critical compatibility issues due to its age and resulting complexity. Moving legacy applications can also be troublesome for many businesses.


Inventory and Rationalize Applications. Microsoft System Center Configuration Manager (SCCM), can help enterprises collect raw inventory data, normalize and categorize applications, and then identify which apps should be consolidated, retired, upgraded and migrated.


Select the Right Migration Option.
a. Wipe and Load – where you capture data and settings, deploy (custom) OS Image, install drivers and applications, and then restore the data and settings.
b. In-Place Upgrades – for devices that are already running Windows 7, 8, or 8.1, that lets Windows do the work.
c. New devices must be configured and provisioned to be enterprise ready.


Automation is Your Friend- Automate wherever possible. Reducing the number of manual processes is the best way to keep up with Microsoft’s faster update schedule. To help offload some of the burdens on IT, you can take advantage of technologies that automatically detect Windows 10 anomalies to keep your environment in sync. Using a tool that automatically pushes content changes a single time when the content is updated, increases deployment rates by ensuring that the latest versions are always available as soon as possible.


Security First – While security is a primary factor for enterprises choosing to move to Windows 10,  you can’t forget about following security best practices. Create a strategy to centrally manage security settings on devices. Encrypt content everywhere to protect all software assets. Manage role-based security to limit the control different administrators have over the enterprise. Don’t forget to maintain visibility and control. Know where content is being deployed in real-time and control the priorities of distribution which will ensure that critical IT items, like security updates, never get negatively impacted during Windows 10 deployments.


Budget Impact: A new subscription model means businesses will need to adjust from a CapEx approach to an OpEx one. This can be a potential strain on an organization at first. Larger enterprises will be challenged to move to a budgeting process that can reconcile IT support and license costs that spreads out over a period of time, in contrast to the predictability of budgeting upfront.

Based on our team’s experience with a 500 seat or 5,000 seat deployment, we can help your organization with Windows 10 migration. Call us. Get In Touch

Can you relate?

A furniture retailer in the US provides their salespeople on the showroom floor with Windows 10 tablets. This allows the salespeople to enter the furniture items customers are interested in as they walk around the store, check inventory, color choices and ship times. This makes the whole shopping experience feel very personalized and gives the customer answers to their questions on the spot. The salespeople can access the manufacturer’s websites to find out more information and when the customer gets to the checkout, they simply need to pay to complete their transaction.

They needed to deploy a new Windows 10 application quickly to all of their tablets but had no central way to do that.
Infront worked with them to understand their requirements, the number of stores, number of tablets and tablet connectivity. Based on the discovered requirements, Infront  architected the design and deployed SCCM to allow them to quickly and centrally control application deployment to Windows 10 tablets.
With the SCCM infrastructure in place, Infront built the Windows 10 application package and walked them through the deployment process and showed them how to track successful deployment and remediate any failed application installations.

The Result:

They are now able to centrally deploy and manage all of their devices, tablets, desktops, and servers using a single SCCM console. They are able to ensure patch deployment and report on compliance monthly. They were also able to save tens of thousands of dollars on manual IT administrative tasks deploying applications as well as the expense of having IT technicians travel to all of their stores to perform the manual IT tasks.

Solution Components:

Windows 10 Application Deployment, System Center Configuration Manager, Automated Application Provisioning, Patch Management, Compliance

Have a unique challenge or just looking for support, call us. Get In Touch

Do you require a fast, reliable and private Azure connection?

ExpressRoute is the answer.

  • Public and Private connections to Azure and O365
  • Increased reliability and speed
  • Lower latency, better performance
  • Significant cost benefits possible

ExpressRoute connections don’t involve the public Internet. This offers more reliability, faster speeds, and lower latencies than typical Internet connections. Using ExpressRoute connections to transfer data between on-premises systems and Azure can give your organization significant cost benefits; an added bonus in some cases.

Why use a virtual private cloud for storage, backup, and recovery?

ExpressRoute gives your organization a fast and reliable connection to Azure, which makes it excellent for scenarios like:

  • Periodic data migration;
  • Replication for business continuity;
  • Disaster recovery;
  • Other high-availability strategies.

Are you transferring large amounts of data, such as:

  • Datasets for high-performance computing applications,
  • Moving large virtual machines between your dev-test environment in an Azure virtual private cloud and your on-premises production environment.

Get In Touch

Back to the Basics / FAQ

What is ExpressRoute?

  • ExpressRoute is an Azure service that lets you create private connections between Microsoft datacenters and infrastructure that are on your premises or in a colocation facility. ExpressRoute connections do not go over the public Internet and offer higher security, reliability, and speeds with lower latencies than typical connections over the Internet.   In some cases, using ExpressRoute connections to transfer data between on-premises systems and Azure can give you significant cost benefits.
  • With ExpressRoute, establish connections to Azure at an ExpressRoute location, such as an Exchange provider facility, or directly connect to Azure from your existing WAN network, such as a multiprotocol label switching (MPLS) VPN, provided by a network service provider.

How can I use ExpressRoute?
A. Use a virtual private cloud for storage, backup, and recovery

  • ExpressRoute gives you a fast and reliable connection to Azure, which makes it excellent for scenarios like periodic data migration, replication for business continuity, disaster recovery, and other high-availability strategies. It can be a cost-effective option for transferring large amounts of data, such as datasets for high-performance computing applications, or moving large virtual machines between your dev-test environment in an Azure virtual private cloud and your on-premises production environment.

B. Extend your datacenter

  • Use ExpressRoute to add compute and storage capacity to your existing datacenter. With high throughput and fast latencies, Azure will feel like a natural extension to your datacenter, so you enjoy the scale and economics of the public cloud without having to compromise on network performance.

C. Build hybrid applications

  • With predictable, reliable, and high-throughput connections offered by ExpressRoute, build applications that span on-premises infrastructure and Azure without compromising privacy or performance. For example, run a corporate intranet application in Azure that authenticates your customers with an on-premises Active Directory service, and serves all of your corporate customers without traffic ever routing through the public Internet.

What are the benefits of using ExpressRoute and private network connections?

  • ExpressRoute connections do not go over the public Internet. They offer higher security, reliability, and speeds, with lower and consistent latencies than typical connections over the Internet. In some cases, using ExpressRoute connections to transfer data between on-premises devices and Azure can yield significant cost benefits.

What is the pricing strategy for ExpressRoute?

  • No upfront costs
  • No termination fees
  • Pay only for what you use

Do I have to pay an additional ExpressRoute fee to Microsoft to access Office365 on ExpressRoute?

  • No. You will be billed the ExpressRoute monthly fee (including the premium add-on monthly fee) and the Office365 subscription charge; there is no additional fee for using this service.

Can I use Office365 (including Exchange and Skype for Business) on ExpressRoute?

  • Yes. Office 365 license must be separately obtained. You will need to purchase an ExpressRoute Premium circuit to use Office 365 with ExpressRoute. Moreover, you will be charged for data transfer (based on consumption) if you choose the ExpressRoute metered pricing plan.

If I pay for an ExpressRoute circuit of a given bandwidth, does the VPN connection I purchase from my network service provider have to be the same speed?

  • No. You can purchase a VPN connection of any speed from your service provider. However, your connection to Azure is limited to the ExpressRoute circuit bandwidth that you purchase.

If I pay for an ExpressRoute circuit of a given bandwidth, do I have the ability to burst up to higher speeds if necessary?

  • Yes. ExpressRoute circuits are configured to allow you to burst up to two times the bandwidth limit you procured for no additional cost. Check with your service provider to see if they support this capability.

Can I use the same private network connection with a virtual network and other Azure services simultaneously?

  • Yes. An ExpressRoute circuit, once set up, allows you to access services within a virtual network and other Azure services simultaneously. You connect to virtual networks over the private peering path, and to other services over the public peering path.

Request More Information