About me

The Laughing Cloud Mission

“I’m Visitha Galhena, an Azure enthusiast/architect. I created laughingcloud.io to bridge the gap between complex cloud architecture and practical, real-world execution. My goal is to make cloud engineering less intimidating and more accessible through clear, high-quality technical guides.”

 

Certifications

“My approach to the cloud is vendor-agnostic. By maintaining certifications across multiple platforms, I can design architectures that leverage the specific strengths of each provider—whether it’s Azure’s enterprise integration or AWS’s vast service ecosystem.”

My Expert Areas

  • Enterprise Landing Zones: Designing governed, scalable environments using the Microsoft Cloud Adoption Framework (CAF).
  • High Availability & Resilience: Architecture “Always On” solutions using Availability Zones, Load Balancing, and geo-redundancy.
  • Cost Optimization: Implementing FinOps principles to ensure cloud spend aligns with business value.
    Hybrid Cloud Integration.
  • Seamless Connectivity: Integrating on-premises data centers with Azure and AWS using Hub-Spoke topologies, VPN Gateways, and ExpressRoute.
  • Identity & Security Extension: Extending Microsoft Entra ID and security policies across hybrid boundaries to maintain a single pane of glass.
  • Unified Management: Leveraging Azure Arc to manage and govern servers and Kubernetes clusters across diverse environments.
    Hybrid Edge (Azure Local & Azure Stack)
  • Azure Local (formerly Azure Stack HCI): I focus on the evolution of Microsoft’s edge portfolio. For instance, I specialize in Azure Local (formerly Azure Stack HCI), which allows organizations to implement modern hyper-converged infrastructure (HCI) directly on-premises. By doing so, businesses can run Azure services locally to meet strict requirements for low-latency and data residency.
  • Azure Stack Hub: Deep experience in deploying and managing full-scale cloud-consistent infrastructure for disconnected or highly regulated scenarios.
  • Edge Computing: Deploying cloud-native workloads at the edge to process data where it is generated.
    App Modernization & Cloud-Native.
  • Legacy Transformation: Moving from monolithic “on-prem” apps to modern, containerized (AKS/ARO), or serverless architectures.
    Business Continuity (BCP) & Monitoring.
  • BCP & Disaster Recovery: Designing robust recovery strategies using Azure Site Recovery (ASR) and Azure Backup.
  • Observability: Building comprehensive visibility with Azure Monitor, Log Analytics, and Application Insights.
    Cloud Security & Zero Trust Architecture.
  • Identity-First Security: Advanced implementation of Microsoft Entra ID, including Conditional Access, MFA, and Privileged Identity Management (PIM).
  • Threat Protection: Configuring Microsoft Sentinel (SIEM) and Defender for Cloud for proactive threat hunting and automated incident response.
  • Governance & Compliance: Using Azure Policy and Blueprints to enforce “Guardrails” and automate regulatory compliance at scale.
  • Network Hardening: Securing the data plane with Azure Firewall, Private Links, and DDoS Protection to minimize attack surfaces.