Del via

Enterprise-scale disaster recovery

Microsoft Entra ID
Azure Site Recovery
Azure Traffic Manager
Azure Virtual Network
Azure VPN Gateway

Solution ideas

This article describes a solution idea. Your cloud architect can use this guidance to help visualize the major components for a typical implementation of this architecture. Use this article as a starting point to design a well-architected solution that aligns with your workload's specific requirements.

A large enterprise architecture for SharePoint, Dynamics CRM, and Linux web servers hosted on an on-premises datacenter with failover to Azure infrastructure.

This solution is built on the Azure managed services: Traffic Manager, Azure Site Recovery, Microsoft Entra ID, VPN Gateway, and Virtual Network. These services run in a high-availability environment, patched and supported, allowing you to focus on your solution instead of the environment they run in.

Potential use cases

Organizations that utilize this service include:

  • Hospitals (healthcare)
  • Universities (education)
  • Government (local, state, and federal)


Architecture diagram shows from users through the D N S routing to a before and after failover virtual machines: disaster recovery enterprise scale.

Download a Visio file of this architecture.


  • DNS traffic is routed via Traffic Manager, which can easily move traffic from one site to another based on policies defined by your organization.
  • Azure Site Recovery orchestrates the replication of machines and manages the configuration of the failback procedures.
  • Blob storage stores the replica images of all machines that are protected by Site Recovery.
  • Microsoft Entra ID is the replica of the on-premises Microsoft Entra ID services allowing cloud applications to be authenticated and authorized by your company.
  • VPN Gateway: The VPN gateway maintains the communication between the on-premises network and the cloud network securely and privately.
  • Virtual Network: The virtual network is where the failover site will be created when a disaster occurs.


This article is maintained by Microsoft. It was originally written by the following contributors.

Principal author:

Next steps