A look at a real Azure deployment McKula completed for a client — App Services, Azure SQL, Microsoft Defender for Cloud, and geo-redundant blob storage working together.
McKula recently completed an Angular application deployed entirely on Microsoft Azure for a client. The architecture was designed around three priorities: security, low maintenance overhead, and reliability. Azure delivers well on all three when it's configured correctly — and this project gave us a good opportunity to put several services together in a production environment.
Both the API and the Angular UI are hosted via Azure App Services — a managed platform that handles OS patching, scaling, and availability without requiring server administration.
The database layer runs on Azure SQL, providing a fully managed relational database with built-in high availability and automated backups.
Defender for Cloud continuously assesses services for security vulnerabilities, provides security recommendations, and generates alerts when threats are detected — at a cost that's accessible for most clients.
File storage for PDFs and certifications. Because Azure SQL lacks the Filestream capability available in on-premise SQL Server, file pointers live in the database while actual files live in blob storage — with full Defender coverage.
One of the practical decisions in this deployment was file storage. On-premise SQL Server supports Filestream, which allows binary files to be stored alongside relational data. Azure SQL doesn't offer this. The approach we used was a hybrid: store a file reference (path or identifier) in the SQL database, and store the actual file in Azure Blob Storage.
This is a common and effective pattern for cloud deployments. Blob storage is cost-efficient, scales automatically, and integrates naturally with Azure's security layer. The application retrieves files by looking up the reference in SQL and fetching from blob storage — the user experience is seamless.
The application uses geo-redundant storage, which replicates data to both a primary and a secondary region. In the event of a regional outage, the data remains accessible. Advanced configurations can use the secondary region for read-only operations during normal operation, improving read performance without any additional risk.
This level of redundancy would have required significant infrastructure investment on-premise. On Azure, it's a configuration option.
McKula's confidence in Azure extends to our own applications — we don't recommend platforms to clients that we wouldn't trust for our own work. For organizations already in the Microsoft ecosystem, Azure's deep integration with Active Directory, Office 365, and the Power Platform makes it the natural choice for new application infrastructure.
The combination of managed services, built-in security tooling, and global redundancy makes it a genuinely solid platform — not just a cloud migration checkbox.