Extending the power of Azure AI to Microsoft 365 users

What is Azure AI?

Azure AI is a set of AI services built on Microsoft’s breakthrough innovation from decades of world-class research in vision, speech, language processing, and custom machine learning. What is particularly exciting is that Azure AI provides our customers with access to the same proven AI capabilities that power Microsoft 365, Xbox, HoloLens, and Bing. In fact, there are more than 20,000 active paying customers—and more than 85 percent of the Fortune 100 companies have used Azure AI in the last 12 months.

Azure AI helps organizations:

◉ Develop machine learning models that can help with scenarios such as demand forecasting, recommendations, or fraud detection using Azure Machine Learning.

◉ Incorporate vision, speech, and language understanding capabilities into AI applications and bots, with Azure Cognitive Services and Azure Bot Service.

◉ Build knowledge-mining solutions to make better use of untapped information in their content and documents using Azure Search.

Microsoft 365 provides innovative product experiences with Azure AI

The announcement of Microsoft Editor is one example of innovation. Editor, your personal intelligent writing assistant is available across Word, Outlook.com, and browser extensions for Edge and Chrome. Editor is an AI-powered service available in more than 20 languages that has traditionally helped writers with spell check and grammar recommendations. Powered by AI models built with Azure Machine Learning, Editor can now recommend clear and concise phrasing, suggest more formal language, and provide citation recommendations.

Additionally, Microsoft PowerPoint utilizes Azure AI in multiple ways. PowerPoint Designer uses Azure Machine Learning to recommend design layouts to users based on the content on the slide. In the example image below, Designer made the design recommendation based on the context in the slide. It can also can intelligently crop objects and people in images and place them in optimal layout on a slide. Since its launch, PowerPoint Designer users have kept nearly two billion Designer slides in their presentation.

PowerPoint also uses Azure Cognitive Services such as the Speech service to power live captions and subtitles for presentations in real-time, making it easier for all audience members to follow along. Additionally, PowerPoint also uses Translator Text to provide live translations into over 60 languages to reach an even wider audience. These AI-powered capabilities in PowerPoint are providing new experiences for users, allowing them to connect with diverse audiences they were unable to reach before.

These same innovations can also be found in Microsoft Teams. As we look to stay connected with co-workers, Teams has some helpful capabilities intended to make it easier to collaborate and communicate while working remotely. For example, Teams offers the ability of live captioning meetings, which leverages the Speech API for speech transcription. But it doesn’t stop there. As you saw with PowerPoint, Teams also uses Azure AI for live translations when you set up Live Events. This functionality is particularly useful for company town hall meetings or even for any virtual event with up to ten thousand attendees, allowing presenters to reach audiences worldwide

These are just a few of the ways Microsoft 365 applications utilize Azure AI to deliver industry-leading experiences to billions of users. When you consider the fact that other Microsoft products such as Microsoft 365, Xbox, HoloLens 2, Dynamics 365, and Power Platform all rely on Azure AI, you begin to see the massive scale and the breadth of scenarios that only Azure can offer. Best of all, these same capabilities are available to anyone in Azure AI.

Continue reading

Azure Government Secret accredited at DoD IL6, ICD 503 with IaaS and PaaS

Accelerate classified missions with unparalleled connectivity, high availability, and resiliency across three regions with more than 35 services

Azure Government Secret recently achieved Provisional Authorization (PA) at Department of Defense Impact Level 6 (IL6) and Intelligence Community Directive (ICD) 503 with facilities at ICD 705. We’re also announcing a third region to enable even higher availability for national security missions to stay ahead of their unique threats.

Built exclusively for the needs of US government and operated by cleared US citizens, Azure Government Secret delivers dedicated regions to maintain the security and integrity of classified Secret workloads while enabling reliable access to critical data. The first cloud natively connected to classified networks; Azure Government Secret enables customers to leverage options for private, resilient, high-bandwidth connectivity.

Protect national security production workloads with geodiversity across three regions

Azure Government Secret is designed for the unique requirements of critical national security workloads that cannot be served out of a single geographic location. To provide the geodiversity required, Azure Government Secret delivers across three dedicated regions for US Federal Civilian, Department of Defense (DoD), Intelligence Community (IC), and US government partners working within Secret enclaves. These dedicated Azure regions are located over 500 miles apart to enable applications to stay running in the face of a disaster without a break in continuity of operations.

In addition, these regions provide greater choice when working across multiple locations and delivering cloud-to-edge scenarios. With comprehensive cloud services Azure Government Secret enables faster innovation for the mission from cloud to tactical edge meeting the critical availability needs of the warfighter.

Enabling classified missions at scale with more than 35 services

Designed and built for Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS) and Marketplace solutions, Azure Government Secret provides a broad range of commercial innovation for classified workloads.­ Some of the services include: identity, analytics, security, and high performance computing to support advanced artificial intelligence (AI) and machine learning.

Operated by cleared US citizens, these new regions are part of Azure Government, delivering a familiar, consistent experience and alignment with existing resellers and programs. Eligible customers can also leverage cleared Microsoft cloud support for their workloads.

Gain speed by connecting directly or extending on-premises networks

With Azure Government Secret, customers can connect natively to classified networks or leverage options for private, resilient, high-bandwidth connectivity using ExpressRoute and ExpressRoute Direct:

◉ Native connection: Agencies with direct connections through US government classified networks can connect natively to Azure Government Secret.

◉ ExpressRoute: Extend on-premises networks into Azure Government Secret regions over a private connection facilitated by a connectivity provider with ExpressRoute.

◉ ExpressRoute Direct: Get the ability to connect directly into Azure Government Secret locations using ExpressRoute Direct.

Continued investments in commercial parity across data classifications

In addition to serving mission customers at DoD IL6 and ICD 503, we continue to invest in rapidly delivering new Azure Government capabilities to support mission needs across all data classifications for any US government customer. In the last six months we’ve continued our drive toward commercial parity, adding hundreds of features and launching 40+ new services and 101 total services in FedRAMP High, with more to come across Azure commercial, Azure Government and Azure Government Secret.

These continued investments enable customers across the full spectrum of government, including departments in every state, all the federal cabinet agencies, and each military branch, modernize their IT to better achieve their missions.

Continue reading

How Azure Machine Learning enables PowerPoint Designer

If you use Office 365, you have likely seen the Microsoft PowerPoint Designer appear to offer helpful ideas when you insert a picture into a PowerPoint slide. You may also have found it under the Home tab in the ribbon. In either case, Designer provides users with redesigned slides to maximize their engagement and visual appeal. These designs include different ways to represent your text as diagrams, layouts to make your images pop, and now it can even surface relevant icons and images to bring your slides to the next level. Ultimately, it saves users time while enhancing their slides to create stunning, memorable, and effective presentations.

Designer uses artificial intelligence (AI) capabilities in Office 365 to enable users to be more productive and unlock greater value from PowerPoint. It applies AI technologies and machine learning based techniques to suggest high-quality professional slide designs. Content on slides such as images, text, and tables are analyzed by Designer and formatted based on professionally designed templates for enhanced effectiveness and visual appeal.

The data science team, working to grow and improve Designer, is comprised of five data scientists with diverse backgrounds in applied machine learning and software engineering. They strive to continue pushing barriers in the AI space, delivering tools that make everyone’s presentation designs more impactful and effortless. They’ve shared some of the efforts behind PowerPoint Designer, just so we can get a peek under the hood of this powerful capability.

PowerPoint Designer capabilities

Designer has been processing user requests in the production environment for several years and uses machine learning models for problems such as image categorization, content recommendation, text analysis, slide structure analysis, suggestion ranking, and more. Since its launch, Designer users have kept 1.7 billion Designer slides in their presentations. This means the team needs a platform to run their models at a large scale. Plus, the Designer team is regularly retraining models in production and driving model experimentation to provide optimized content recommendations.

Recently, the data analysis and machine learning team within PowerPoint started leveraging Azure Machine Learning and its robust MLOps capabilities to build models faster and at scale, replacing local development. Moving toward content suggestions, like background images, videos, and more, requires a highly performant platform, further necessitating the shift towards Azure Machine Learning.

The team uses Azure Machine Learning and its MLOps capabilities to create automated pipelines that can be iterated on, without disrupting the user experience. The pipeline starts at the Azure Data Lake, where the data is stored. From there, the team gathers data and preprocesses it—merging data from different sources and transforming raw data into a format that models can understand. Utilizing the Azure Machine Learning distributed training, they retrain their current models weekly or monthly. Distributed training allows the team to train models in parallel across multiple virtual machines (VMs) and GPUs (graphic processing units). This saves the team considerable time to ensure the model training doesn’t disrupt the user experience for the data science team, so they can focus on other objectives like experimentation.

The team does experimentation in parallel as well—trying variants, or hyperparameters, and comparing results. The final model is then put back into Azure Data Lake and downloaded to Azure Machine Learning.

The following diagram shows the conceptualized, high-level architecture of data being used from local caches in Azure Data Lake to develop machine learning models on the Azure Machine Learning. These models are then integrated into the micro-service architecture of the Designer backend service that presents PowerPoint users with intelligent slide suggestions.

Benefits of Azure Machine Learning for the PowerPoint team

The PowerPoint team decided to move its workloads over to the Azure Machine Learning based on the following capabilities:

◉ Supports Python notebooks which can be accessed on any machine through the browser.

◉ Natively supports running the latest TensorFlow and PyTorch-based algorithms and pre-trained models.

◉ Experimentation is very easy to set up with minimal ramp-up time It allows execution locally or on the cloud seamlessly thereby presenting developers with a hybrid environment.

◉ Azure Machine Learning is one of Microsoft’s key AI investments.

Continue reading

Azure Dedicated Host: New capabilities and benefits

Azure Dedicated Host provides a single-tenant physical server to run your Azure Virtual Machines for Windows Server and Linux. With Azure Dedicated Host, you can address specific compliance requirements while increasing visibility and control over your underlying infrastructure.

What’s new

Save costs with Azure Dedicated Hosts reservations

We recently introduced the ability for you to purchase Azure reservations for Dedicated Hosts. You are now able to reduce costs by buying Azure Dedicated Hosts reservations. The reservation discount is applied automatically to the number of running dedicated hosts that match the reservation scope and attributes. You don't need to assign a reservation to a specific dedicated host to get the discounts. You may also delete and create hosts and have the reservation apply to the hosts already deployed at any given time.

The Azure Dedicated Hosts pricing page contains the complete list of Dedicated Hosts SKUs, their CPU information, and various pricing options including Azure reservations discounts.

Azure Dedicated Host SKUs, unlike Azure Virtual Machines, are defined based on the virtual machine (VM) series and hardware generation. With Azure Dedicated Hosts, your reservation will automatically apply to any host SKUs supporting the same VM series. For example, if you acquired a reservation for Dsv3_Type1 dedicated host, you would be able to use it with Dsv3_Type2 dedicated hosts.

Maintenance control for platform updates supports Azure Dedicated Hosts

The maintenance control feature for Azure Dedicated Hosts gives control over platform maintenance operations to customers with highly sensitive workloads. Using this feature, customers can manage platform updates that don’t require a reboot. Maintenance control batch updates into one update package and gives you the option to delay platform updates and apply them within a 35-day rolling window.

You can take advantage of this new capability, by creating a maintenance configuration object and then apply it to your dedicated hosts. Then, you can check for pending updates and apply them at the host level. All VMs assigned to the host will be impacted at the same time.

Prior to applying the maintenance, you can check the impact type and expected duration of the impact

More options with new SKUs

Since the preview was announced, we have added support for additional VM series and host types. We’re currently supporting both Intel and AMD SKUs with a variety of VM series: Dsv3, Esv3, Dasv4, Easv4, Fsv2, Lsv2, and Msv2. This will enable our customers to run a broad range of workloads on Dedicated Hosts including and not limited to general purpose or memory, storage, and compute intensive applications.

Resource Health Activity Log Alerts for Dedicated Hosts

Azure Resource Health alerts can notify you in near real-time when your dedicated hosts experience a change with respect to their health status. Creating Resource Health alerts programmatically let users create and customize alerts in bulk. You can create an action group and specify the steps to take once an alert is triggered. Follow the steps to create activity log alerts using Azure Resource Manager Template and remember to modify the template to include resources of type dedicated hosts.

Source: azure.microsoft.com

Continue reading

Power your Azure GPU workstations with flexible GPU partitioning

Today we're sharing the general availability of NVv4 virtual machines in South Central US, East US, and West Europe regions, with additional regions planned in the coming months. With NVv4, Azure is the first public cloud to offer GPU partitioning built on industry-standard SR-IOV technology.

NVv4 VMs feature AMD’s Radeon Instinct MI25 GPU, up to 32 AMD EPYC™ 7002-series vCPUs with clock frequencies up to 3.3 GHz, 112 GB of RAM, 480 MB of L3 cache, and simultaneous multithreading (SMT).

Pay-As-You-Go pricing for Windows  deployments is available now. One- and three-year Reserved Instance and Spot Pricing for NVv4 VMs will be available on April 1. Support for Linux will be available soon.

Affordable, modern GPU powered virtual desktops in the cloud

As enterprises look to the cloud to provide virtual desktops and workstations in a secure way to a highly mobile workforce, they face the significant challenge of managing cost and performance while meeting user experience expectations. Traditionally, public clouds offered virtual machines with one or more GPUs, which are best suited for the most GPU intensive workloads that required the full power and resources of a GPU. But for the regular knowledge worker profile, a full GPU could be overkill. For some of these customers, multi-session virtual desktops like those offered by Windows Virtual Desktop fit the bill, by letting concurrent sessions share the GPU dynamically. However, some VDI customers need a dedicated virtual machine (VM) per user, either for performance or isolation reasons. For these kinds of workloads, customers are looking for a scale-down option to choose the right GPU size to meet the requirements.

Our customers needed cost-effective VM options that are sized appropriately with dedicated GPU resources for each user, starting from office workers running productivity apps to engineering workstations running GPU-powered workloads such as CAD, gaming, and simulation.

“With the new AMD-powered Workspot cloud desktops on Azure, we now have several perfectly sized cloud workstations for our different workloads. We’ve found the new entry level cloud workstation, using a fraction of the AMD GPU, is just right for our users running Microsoft Office 365 productivity tools and Adobe design tools (Photoshop, Illustrator and InDesign). This fills in an additional much-needed point on the price/performance curve, which allows us to move even more users to the AMD-powered Workspot cloud desktops on Azure.” Andy Knauf, CIO, Mead & Hunt

Pick the right GPU virtual machine size for the VDI user profile

The NVv4 virtual machine series is designed specifically for the cloud virtual desktop infrastructure (VDI) and the desktop-as-a-service (DaaS) markets. We wanted to bring GPU processing power to the masses by putting a slice of the GPU in every desktop in the cloud. NVv4 enables enterprises to provide modern desktops in the cloud, with the ideal balance of price and performance for their workloads.

The following diagram shows how the different VM sizes align with the different VDI user profiles and requirements.

“Based on the application requirements of each engineer, we can dedicate all or a fraction of the AMD GPU to their Workspot workstation on Azure. This finer resolution of control gives us the financial edge we need to move more people to Workspot cloud desktops on Azure and increase our overall productivity.”  Eric Quinn, CTO, C&S Companies.

Predictable performance and security with hardware partitioning of the GPU

In Azure, the security of the customer's workload is always a top priority. SR-IOV based GPU partitioning provides a strong, hardware-backed security boundary with predictable performance for each virtual machine. We partition a single AMD Radeon Instinct MI 25 GPU and allocate it up to eight virtual machines. Each virtual machine can only access the GPU resources dedicated to them and the secure hardware partitioning prevents unauthorized access by other VMs.

“The Azure NVv4 VM series offers ArcGIS Pro users an exceptional graphical user experience. The four NVv4 sizes provide flexibility to accommodate workloads ranging from light GIS editing to 3D manipulation. ”  Ryan Danzey, Sr. Product Engineer – Performance, ESRI ArcGIS

Designed to work with Windows Virtual Desktop and VDI partners you use today

Customers in the VDI segment have many choices for remote protocol and infrastructure management. We worked closely with the key partners to ensure support for NVv4 virtual machines.

Windows Virtual Desktop supports the new NVv4 virtual machines with native WVD deployments that use RDP as well as solutions delivered by Citrix and VMware, our approved providers.

NVv4 virtual machines support Microsoft Remote Desktop Protocol (RDP), Teradici PCoIP, and HDX 3D Pro. The graphics API support covers DirectX 9 through 12, OpenGL 4.6, and Vulkan 1.1.

Windows Virtual Desktop, Citrix, Teradici, Workspot, and Nutanix Frame are some of the Azure VDI partners who have extensively validated the new NVv4 virtual machines and are ready to offer it to their customers.

"This is exciting news for our Citrix customers who are delivering Citrix Workspaces from the cloud. As we see more customers migrate to the cloud, the release of the NVv4 instance ensures that customers have more options to deliver graphically accelerated  Citrix workloads  on Azure while optimizing costs." - Carisa Stringer, Sr Director Workspace Services Product Marketing

"The new Azure NV_v4 series will give our Xi Frame customers a wider range of GPU options for their virtual desktop and application streaming needs. By enabling virtualized GPUs in the cloud, Azure now delivers a whole new level of value that unlocks a much broader set of use cases."  Carsten Puls, Sr. Director of Xi Frame at Nutanix.

“The flexibility that Azure NVv4 provides to share and access GPU resources as needed is a valuable feature that we see will benefit many Teradici customers. We are excited to be working with Microsoft and AMD to enable more flexible, cost-effective GPU options for virtual desktop and virtual workstation use cases such as AEC.”  Ziad Lammam, Vice President of Product Management at Teradici

“With the new AMD-powered Workspot cloud workstations and the use of industry leading cloud offerings in Azure, ASTI and Workspot are positioned to address the needs of the SMB market for Virtual Desktop Infrastructure in the AEC industry. These new AMD-powered systems will provide the computing power and graphics power of enterprise class systems, that allow an organization to spend less time managing their resources and more time completing projects.  They provide a balance of computing power and graphics performance without costly over provisioning.” Doug Dahlberg, Director of IT Operations, Applied Software (ASTI) - Workspot and Microsoft Partner

Source: azure.microsoft.com

Continue reading

Pass the Microsoft 70-464 SQL Server Database Certification Exam to Choose A DBA Career

The Microsoft 70-464 certification exam is designed for those IT professionals and database experts who have to develop, configure, and execute multiple Microsoft SQL Server Databases across their organizations. Additionally, this test aids database-related professionals to improve their career options and get salary hikes as well.

Through the Microsoft 70-464 certification exam, the IT professionals learn how to secure higher levels of data availability and develop Microsoft SQL Server Databases. The certification given after successfully passing the exam is always high in demand, and companies generally prefer to hire the database professionals with this credential.

Details of the Developing Microsoft SQL Server Databases Certification Exam

The total number of questions in this exam is generally between 45 and 55. Still, Microsoft doesn’t officially publish any specific information regarding the actual number of questions, as it is not fixed and can be changed by the company.

Generally, the number of questions depends on their weight. The Microsoft 70-464 certification exam often comprises multiple-choice questions with one or more correct answers, but there might be some scenario-based ones as well. They are added to evaluate the candidate’s actual capabilities and in-depth knowledge.

Microsoft keeps improving the pattern of the questions to collect essential data for enhancing the overall quality of the exam. The passing score of the Microsoft 70-464 exam is 700, and you have to answer accurately at least 70% of the questions to receive the certificate.

The actual passing percentage of the exam changes according to the number of questions, their pattern, and difficulty. It is deserving noting that the candidates are not penalized for giving wrong answers, so you are urged to at least try to answer every question, as you might guess some of them. The time allotted for this certification exam is two hours.

Who Can Take the Microsoft 70-464 Certification Exam?

Though this Microsoft certification exam is designed for the database professionals, any IT professional is entitled to take it and become a Certified SQL Server Database Developer.

The central line of work of such professionals is to create and execute SQL Server databases for the organization, as well as ensure data availability. As there are no severe prerequisites for taking the Microsoft 70-464 certification exam, anyone interested in working in the IT-sphere can try to pass it.

If you have just completed your college and you are interested in working as an SQL Server database developer, then you should take this test without any delay.

Read:

Microsoft 70-464 Exam - How to Pass Easily?

The responsibilities that you would have to take care of as a database developer include performing multiple database files, building data types and tables, planning and optimizing different indexes, implementing views, guaranteeing data integrity, and managing all the transactions and locks.

Tips for Passing the Microsoft 70-464 Certification Exam

• Keep yourself updated and check the official website regularly. First, make sure that you understand the exam guide, and you are intimate with its content. The Developing Microsoft SQL Server Databases exam is intended for those database professionals who have relevant experience and want to develop their careers.
• You should keep yourself refreshed by checking the official site of Microsoft regularly. In this way, you will be able to get the latest notifications regarding your particular chosen exam, such as 70-464.
• Review the exam objectives thoroughly. Many sites can help you in understanding the Microsoft 70-464 test objectives. Otherwise, you can do thorough research on the topics that are covered in this exam.
• You have to be careful while researching and re-read the information multiple times. This will aid you in understanding how you should start your preparation for the exam.
• Pay attention to AnalyticsExam practice questions. Here you can find the latest 70-464 practice exam containing all the questions and answers.
• The practice questions and answers will be valuable in several ways, such as helping you understand the exam pattern, handling your time limit, etc.
• Watch online tutorial videos and master all the needed skills for passing the exam. If you want to obtain the necessary skills for passing the 70-464 certification exam, then you have to stop watching online videos.
• You can check for the tutorial videos on various online platforms. In these tutorial videos, you will understand how the associated tasks are performed.

Conclusion

As passing the Microsoft 70-464 certification exam is not as easy as it may seem, you should get intimate with all the test topics completely. Go for the exam objectives and try to get them well.

So, If you need to establish your future career as a Microsoft SQL Server database developer, then you should begin your preparation for the exam!

Continue reading

New Azure Firewall certification and features in Q1 CY2020

We continue to be amazed by the adoption, interest, positive feedback, and the breadth of use cases customers are finding for our service. Today, we are excited to share several new Azure Firewall capabilities based on your top feedback items:

◉ ICSA Labs Corporate Firewall Certification.

◉ Forced tunneling support now in preview.

◉ IP Groups now in preview.

◉ Customer configured SNAT private IP address ranges now generally available.

◉ High ports restriction relaxation now generally available.

Azure Firewall is a cloud native firewall as a service (FWaaS) offering that allows you to centrally govern and log all your traffic flows using a DevOps approach. The service supports both application and network level filtering rules and is integrated with the Microsoft Threat Intelligence feed for filtering known malicious IP addresses and domains. Azure Firewall is highly available with built-in auto scaling.

ICSA Labs Corporate Firewall Certification

ICSA Labs is a leading vendor in third-party testing and certification of security and health IT products, as well as network-connected devices. They measure product compliance, reliability, and performance for most of the world’s top technology vendors.

Azure Firewall is the first cloud firewall service to attain the ICSA Labs Corporate Firewall Certification.

Figure one – Azure Firewall now ICSA Labs certified.

Forced tunneling support now in preview

Forced tunneling lets you redirect all internet bound traffic from Azure Firewall to your on-premises firewall or a nearby Network Virtual Appliance (NVA) for additional inspection. By default, forced tunneling isn't allowed on Azure Firewall to ensure all its outbound Azure dependencies are met.

To support forced tunneling, service management traffic is separated from customer traffic. An additional dedicated subnet named AzureFirewallManagementSubnet is required with its own associated public IP address. The only route allowed on this subnet is a default route to the internet, and BGP route propagation must be disabled.

Within this configuration, the AzureFirewallSubnet can now include routes to any on-premise firewall or NVA to process traffic before it's passed to the Internet. You can also publish these routes via BGP to AzureFirewallSubnet if BGP route propagation is enabled on this subnet.

Figure two – Creating a firewall with forced tunneling enabled.

IP Groups now in preview

IP Groups is a new top-level Azure resource in that allows you to group and manage IP addresses in Azure Firewall rules. You can give your IP group a name and create one by entering IP addresses or uploading a file. IP Groups eases your management experience and reduce time spent managing IP addresses by using them in a single firewall or across multiple firewalls.

Figure three – Azure Firewall application rules utilize an IP group.

Customer configured SNAT private IP address ranges

Azure firewall provides automatic Source Network Address Translation (SNAT) for all outbound traffic to public IP addresses. Azure Firewall doesn’t SNAT when the destination IP address is a private IP address range per IANA RFC 1918. If your organization uses a public IP address range for private networks or opts to force tunnel Azure Firewall internet traffic via an on-premises firewall, you can configure Azure Firewall to not SNAT additional custom IP address ranges.

Figure four – Azure Firewall with custom private IP address ranges.

High ports restriction relaxation now generally available

Since its initial preview release, Azure Firewall had a limitation that prevented network and application rules from including source or destination ports above 64,000. This default behavior blocked RPC based scenarios and specifically Active Directory synchronization. With this new update, customers can use any port in the 1-65535 range in network and application rules.

Continue reading

New Deploy to Azure extension for Visual Studio Code

Organizations and teams that adopt DevOps methodologies are consistently seeing improvements in their ability to deliver high-quality code, with faster release cycles, and ultimately achieve higher level of satisfaction for their own customers, whether they’re internal or external. Continuous Integration and Continuous Delivery (CI/CD) is one of the pillars of DevOps, consisting in automatically building, testing and deploying applications, but setting up a full CI/CD pipeline can be a complex task.

This new extension allows developers working in Visual Studio Code to seamlessly create, build, and deploy their apps in a continuous manner to the cloud, without leaving the editor.

Deploy to Azure extension

The Deploy to Azure extension works with both GitHub Actions and Azure Pipelines. It helps developers by auto-generating a CI/CD pipeline definition that takes care of building and deploying your app to the cloud with Azure. You can use Deploy to Azure extension to deploy application code present in your local system, or in Azure Repos or GitHub. We plan to expand the scope to other Git repositories in future.

You can use this extension to set up CI/CD pipeline for every code push. It will give you an auto-generated and fully-customizable CI/CD pipeline, defined in a YAML file that is formatted for either GitHub Actions or Azure Pipelines. The YAML file is pre-populated with build and release tasks, which can be edited by the developers as needed.

In the workflow, we are also setting up Azure Pipelines and GitHub with relevant Azure-related configurations, as well as repository-related configurations, without you needing to do worry about the plumbing of the systems.

Installation and usage

The Deploy to Azure extension can be downloaded for free from the Visual Studio Code Marketplace. After installing it, you can invoke it from the Command Palette (Ctrl + P or Cmd + P) > Deploy to Azure: Configure Pipeline.

Once you run the pipeline creation workflow, the extension will inspect your application’s code and generate a pipeline optimized for your project.

In this first release, the Deploy to Azure extension in Visual Studio Code supports generating pipelines to deploy Node.js-based apps to Azure App Service or Azure Functions App, as well as any containerized application (with a Dockerfile) to Azure Kubernetes Service.

We’re working on adding support for creating workflows for other languages, starting with Python, and for other Azure resources. Additionally, we will roll out support for other Git repository providers; in addition to GitHub and Azure Repos which are available today, we’re working on supporting source code on BitBucket and other locations.

We will also roll out support for other Git repository providers; in addition to GitHub and Azure Repos which are available today, we’re working on supporting source code on BitBucket and other locations.

Continue reading

Unified network monitoring with Connection Monitor now in preview

Azure Network Watcher’s new and improved Connection Monitor now provides unified end-to-end connection monitoring capabilities for hybrid and Azure deployments. Users can now use the same solution to monitor connectivity for on-premises, Azure, and multi-cloud setups. In this preview phase, the solution brings together the best of two key capabilities—Network Watcher's Connection Monitor and Network Performance Monitor's (NPM) Service Connectivity Monitor.

The monitoring question

Customers have long stressed over the need for unified connection monitoring for hybrid deployments, where complex applications transact across Azure, on-premises, and with other public applications to deliver business-critical functionality. These challenges escalate in multi-cloud environments. Monitoring teams then wrestle with basic challenges including:

◉ Which monitoring solution to use in these complex set-ups?

◉ Do I need different monitoring solutions for on-premises and Azure or any other clouds?

◉ Where does my data go and how do I correlate data from multiple sources?

◉ How do I get the fastest alerts when things go wrong in my network?

Connection Monitor in preview

With the new Connection Monitor, you can now configure both Azure and non-Azure virtual machines and hosts for monitoring connectivity to global endpoints from a single console. You can set up Connection Monitor and create multiple test groups for various use cases including connectivity between Azure regions, connectivity to Office 365, and connectivity between app and database tiers. With the ability to add multiple sources and destinations in one test group, configuring monitoring gets much easier. You also benefit from an aggregated view of your network parameters, with the ability to drill down to individual links at the time of troubleshooting.

You can monitor loss and latency of network connections both within Azure and between Azure and external destinations, and view the topology to localize issues. The solution identifies the top five tests in your Connection Monitor, test groups, sources, and destinations, then highlights potential problem tests. For Azure resources, issues with your hops are shown in the topology.

Alerts and data storage

Monitoring data is stored in both Azure Monitor as metrics and in Log Analytics workspaces. You can now set up fast, metrics-based alerts to react to issues expeditiously. To build additional correlations on your historical data, use Log Analytics queries.

Other benefits

◉ Single console for configuring and monitoring connectivity and network quality from Azure and on-premises virtual machines and hosts.

◉ Monitor multiple endpoints within and across Azure regions, on-premises sites, and global service locations.

◉ Higher and configurable probing frequencies.

◉ More protocols supported to give better visibility into network performance.

◉ Cross-region, cross-workspace monitoring.

◉ Access to historical monitoring data retained in Log Analytics.

◉ Rich user experience.

◉ Automation through PowerShell and CLI.

Continue reading

Announcing the general availability of Azure Monitor for virtual machines

Today we're announcing the general availability of Azure Monitor for virtual machines (VMs), which provides an in-depth view of VM performance trends and dependencies. You can access Azure Monitor for VMs from the Azure VM resource blade to view details about a single VM, from the Azure Virtual Machine Scale Sets (VMSS) resource blade to view details about a single VM scale set, and from Azure Monitor to understand compute issues at scale.

Azure Monitor for VMs brings together key monitoring data about your Windows and Linux VMs, allowing you to:

◉ Troubleshoot guest-level performance issues and understand trends in VM resource utilization.
◉ Determine whether back-end VM dependencies are connected properly and which clients of a VM may be affected by any issues the VM is having.
◉ Discover VM hotspots at scale based on resource utilization, connection metrics, performance trends, and alerts.

Performance

Performance views are powered by Log Analytics, and offer powerful aggregation and filtering capabilities including “Top N” VM sorting and searching across subscriptions and regions, aggregation of VM metrics (such as average memory) across all VMs in a resource group across regions, percentiles of performance values over time, and breakdown and selection of VM Scale Set instances.

It can be challenging to monitor thousands of VMs. Our performance views were created to address this problem. You can use them to figure out which VMs are resource constrained, which ones are having logical disk or memory consumption issues, or to get performance diagnostics.

Maps

Azure Monitor for VMs includes dependency maps powered by the Service Map dependency agent extension. Maps deliver an Azure-centric user experience, with VM resource blade integration, Azure metadata, and dependency maps for Resource Groups and Subscriptions. Maps show how VMs and processes are interacting and can identify dependencies on third party services. Azure Monitor for VMs also monitors connection failures, live connection counts, network bytes sent and received by process, and service-level latency.

In addition to the visual experience and group-level mapping in the user experience, you can query the data sets in Log Analytics to alert on spikes in network traffic from selected workloads, query at scale for failed dependencies, and plan Azure migrations from on-premises VMs by analyzing connections over weeks or months. To assist in this analysis we offer several workbooks that provide tabular views into this rich network data set.

Getting started

To get started with an Azure resource, go to the resource blade for your VM or VM scale set and click on Insights in the Monitoring section. When you click Enable, you’ll be prompted to pick an existing Log Analytics workspace or create one.

Once you’re comfortable with the capabilities on a few VMs, you can view VMs at scale in Azure Monitor under Virtual Machines, and on-board to entire resource groups and subscriptions using our Get Started page, Azure Policy, or Powershell

Continue reading

IoT Signals energy report: Embracing transparent, affordable, and sustainable energy

The increased use of renewables, resiliency challenges, and sustainability concerns are all disrupting the energy industry today. New technologies are accelerating the way we source, store, and distribute energy. With IoT, we can gain new insights about the physical world that enables us to optimize and create more efficient processes, reduce energy waste, and track specific consumption. This is a great opportunity for IoT to support power and utilities (P&U) companies across grid assets, electric vehicles, energy optimization, load balancing, and emissions monitoring.

We've recently published a new IoT Signals report focused on the P&U industry. The report provides an industry pulse on the state of IoT adoption to help inform us how to better serve our partners and customers, as well as help energy companies develop their own IoT strategies. We surveyed global decision-makers in P&U organizations to deliver an industry-level view of the IoT ecosystem, including adoption rates, related technology trends, challenges, and benefits of IoT.

The study found that while IoT is almost universally adopted in P&U, it comes with complexity. Companies are commonly deploying IoT to improve the efficiency of operations and employee productivity, but can be challenged by skills and knowledge shortages, privacy and security concerns, and timing and deployment issues. To summarize the findings:

Top priorities and use cases for IoT in power and utilities

1. Optimizing processes through automation is critical for P&U IoT use. Top IoT uses cases in P&U include automation-heavy processes such as smart grid automation, energy optimization and load balancing, smart metering, and predictive load forecasting. In support of this, artificial intelligence (AI) is often a component of energy IoT solutions, and they are often budgeted together. Almost all adopters have either already integrated AI into an IoT solution or are considering integration.

2. Using IoT to improve both data security and employee safety is a top priority. Almost half of decision-makers we talked to use IoT to make their IT practices more secure. Another third are implementing IoT to make their workplaces safer, as well as improve the safety of their employees.

3. P&U companies also leverage IoT to secure their physical assets. Many P&U companies use IoT to secure various aspects of their operations through equipment management and infrastructure maintenance.

4. The future is bright with IoT adoption continuing to focus on automation, with growth in adoption for use cases related to optimizing energy and creating more efficient maintenance systems.

Today, customers around the world are telling us they are heavily investing in four common use cases for IoT in the energy sector:

Grid asset maintenance

Visualize your grid’s topology, gather data from grid assets, and define rules to trigger alerts. Use these insights to predict maintenance and provide more safety oversight. Prevent failures and avoid critical downtime by monitoring the performance and condition of your equipment.

Energy optimization and load balancing

Balance energy supply and demand to alleviate pressure on the grid and prevent serious power outages. Avoid costly infrastructure upgrades and gain flexibility by using distributed energy resources to drive energy optimization.

Emissions monitoring and reduction

Monitor emissions in near real-time and make your emissions data more readily available. Work towards sustainability targets and clean energy adoption by enabling greenhouse gas and carbon accounting and reporting.

E-mobility

Remotely maintain and service electric vehicle (EV) charging points that support various charging speeds and vehicle types. Make it easier to own and operate electric vehicles by incentivizing ownership and creating new visibility into energy usage.

Continue reading

Plan migration of physical servers using Azure Migrate

At Microsoft Ignite, we announced new Microsoft Azure Migrate assessment capabilities that further simplify migration planning. In this post, I will talk about how you can plan migration of physical servers. Using this feature, you can also plan migration of virtual machines of any hypervisor or cloud. You can get started right away with these features by creating an Azure Migrate project or using an existing project.

Previously, Azure Migrate: Server Assessment only supported VMware and Hyper-V virtual machine assessments for migration to Azure. At Ignite 2019, we added physical server support for assessment features like Azure suitability analysis, migration cost planning, performance-based rightsizing, and application dependency analysis. You can now plan at-scale, assessing up to 35K physical servers in one Azure Migrate project. If you use VMware or Hyper-V as well, you can discover and assess both physical and virtual servers in the same project. You can create groups of servers, assess by group and refine the groups further using application dependency information.

While this feature is in preview, the preview is covered by customer support and can be used for production workloads. Let us look at how the assessment helps you plan migration.

Azure suitability analysis

The assessment checks Azure support for each server discovered and determines whether the server can be migrated as-is to Azure. If incompatibilities are found, remediation guidance is automatically provided. You can customize your assessment by changing its properties, and recomputing the assessment. Among other customizations, you can choose a virtual machine series of your choice and specify the uptime of the workloads you will run in Azure.

Cost estimation and sizing

Assessment also provides detailed cost estimates. Performance-based rightsizing assessments can be used to optimize on cost; the performance data of your on-premise server is used to recommend a suitable Azure Virtual Machine and disk SKU. This helps to optimize on cost and right-size as you migrate servers that might be over-provisioned in your on-premise data center. You can apply subscription offers and Reserved Instance pricing on the cost estimates.

Dependency analysis

Once you have established cost estimates and migration readiness, you can plan your migration phases. Using the dependency analysis feature, you can understand which workloads are interdependent and need to be migrated together. This also helps ensure you do not leave critical elements behind on-premise. You can visualize the dependencies in a map or extract the dependency data in a tabular format. You can divide your servers into groups and refine the groups for migration by reviewing the dependencies.

Assess your physical servers in four simple steps

◉ Create an Azure Migrate project and add the Server Assessment solution to the project.

◉ Set up the Azure Migrate appliance and start discovery of your server. To set up discovery, the server names or IP addresses are required. Each appliance supports discovery of 250 servers. You can set up more than one appliance if required.

◉ Once you have successfully set up discovery, create assessments and review the assessment reports.

◉ Use the application dependency analysis features to create and refine server groups to phase your migration.

When you are ready to migrate the servers to Azure, you can use Server Migration to carry out the migration. In the coming months, we will add support for application discovery and agentless dependency analysis on physical servers as well.

Note that the inventory metadata gathered is persisted in the geography you select while creating the project. You can select a geography of your choice. Server Assessment is available today in Asia Pacific, Australia, Brazil, Canada, Europe, France, India, Japan, Korea, United Kingdom, and United States geographies.

Continue reading

A secure foundation for IoT, Azure Sphere now generally available

Our mission is to empower every organization on the planet to connect and create secured and trustworthy IoT devices. General availability is an important milestone for our team and for our customers, demonstrating that we are ready to fulfill our promise at scale. For Azure Sphere, this marks a few specific points in our development. First, our software and hardware have completed rigorous quality and security reviews. Second, our security service is ready to support organizations of any size. And third, our operations and security processes are in place and ready for scale. General availability means that we are ready to put the full power of Microsoft behind securing every Azure Sphere device.

The opportunity to release a brand-new product that addresses crucial and unmet needs is rare. Azure Sphere is truly unique, our product brings a new technology category to the Microsoft family, to the IoT market, and to the security landscape.

IoT innovation requires security

The International Data Corporation (IDC) estimates that by 2025 there will be 41.6 billion connected IoT devices. Put in perspective, that’s more than five times the number of people on earth today. When we consider why IoT is growing so rapidly, the astounding pace is being driven by industries and companies that are investing in IoT to pursue long-term, real-world impact. They’re looking to harness the power of the intelligent edge to make daily life effortless, to transform businesses, to create safer working and living conditions, and to address some of the world’s most pressing challenges.

Innovation, no matter how valuable, is not durable without a foundation of security. If the devices and experiences that promise to reshape the world around us are not built on a foundation of security, they cannot last. But when innovation is built on a secure foundation, you can be confident in its ability to endure and deliver value long into the future. Durable innovation requires future-proofing IoT investments by planning and investing in security upfront.

IoT security is complex and the threat landscape is dynamic. You have to operate under the assumption that attacks will happen, it's not a matter of if but when. With this in mind, we built Azure Sphere with multiple layers of protection and with continually improving security so that it’s possible to limit the reach of an attack and renew and enhance the security of a device over time. Azure Sphere delivers foundational security for durable innovation.

Security is complex, but it doesn’t have to be complicated

Many of the customers we talk to struggle to define the specific IoT security measures necessary for success. We’ve leveraged our deep Microsoft experience in security to develop a very clear view of what IoT security requires. We found that there are seven properties that every IoT device must have in order to be secured. These properties clearly outline the requirements for an IoT device with multiple layers of protection and continually improving security.

Any organization can use the seven properties as a roadmap for device security, but Azure Sphere is designed to give our customers a fast track to secured IoT deployments by having all seven properties built-in. It makes achieving layered, renewable security for connected devices an easy, affordable, no-compromise decision.

Azure Sphere is a fully realized security system that protects devices over time. It includes four components, three of which are powered by technology, the Azure Sphere-certified chips that go into every device, the Azure Sphere operating system (OS) that runs on the chips, and the cloud-based Azure Sphere Security Service.

Every Azure Sphere chip includes built-in Microsoft security technology to provide a dependable hardware root of trust and advanced security measures to guard against attacks. The Azure Sphere OS is designed to limit the potential reach of an attack and to make it possible to restore the health of the device if it’s ever compromised. We continually update our OS, proactively adding new and emerging protections. The Azure Sphere Security Service reaches out and guards every Azure Sphere device. It brokers trust for device-to-cloud and device-to-device communication, monitors the Azure Sphere ecosystem to detect emerging threats, and provides a pipe for delivering application and OS updates to each device. Altogether, these layers of security prevent any single point of failure that could leave a device vulnerable.

The fourth component may be the most important: our Azure Sphere team. These are some of the brightest minds in security and they’re dedicated to the security of every single Azure Sphere device. Our team is at work identifying emerging security threats, creating new countermeasures, and deploying them to every Azure Sphere device. We are fighting the security battle, so our customers don’t have to.

Security obsessed, customer-driven

The challenges of IoT device security that keep us up at night lead to the features and capabilities that give our customers peace of mind. It’s ambitious and demanding work. To realize the defense-in-depth approach we had to integrate multiple distinct technologies and their related engineering disciplines. Our team can’t think about any component in isolation. Instead, we work from a unified view of interoperability and dependencies that brings together our silicon, operating system, SDK, security services, and developer experience. Having a clear mission gives us a shared focus to strategize and collaborate across teams and technologies. By eliminating boundaries among technologies or engineering teams, we’ve been able to create a product far greater than the sum of its parts.

We also made a point to collaborate with our early customers. We’ve used public preview to learn and improve how we deliver security in a way that supports customer and partner needs. Working closely with a wide range of customers has helped shape our investments in hardware, features, capabilities, and services. To support customers across the breadth of their IoT journeys, we’ve built strong partnerships with leading silicon and hardware manufacturers. This gives customers more choice, more implementation options, and new offerings that can speed time to market. Right now, customers are using Azure Sphere to securely connect everything from espresso machines to datacenters. Between those examples, there’s a whole range of use cases for home and commercial appliances, industrial manufacturing equipment, smart energy solutions, and so much more.

Our customers across a wide array of industries are putting their trust in Azure Sphere as they connect and secure equipment, drive improvements, reduce costs, and mitigate the real risks that cyberattacks present.

The Azure Sphere commitment

“Culture eats strategy for breakfast.” Only when we ground everything we do in our culture, can we support what’s necessary to execute a brilliant strategy. What we’ve set out to achieve with Azure Sphere is ambitious and Microsoft is deeply invested in a culture that can support the most ambitious ideas. We apply a growth mindset to everything we do and always strive to learn more about our customers. We actively seek diversity and practice inclusion as we work together toward the ultimate pursuit of making a difference in the world. Guided by our belief that a strong culture is an essential foundation for bringing our vision to life, we’ve focused on culture from the beginning.

To bring together the right technology and tactics as a single, end-to-end solution at scale, is an amazing amount of work that requires true teamwork. We’ve built a team with a broad variety of backgrounds, experience, and expertise across multiple disciplines to work together on Azure Sphere. To support collaboration and creativity, we have nurtured the Microsoft cultural values by practicing fearlessness, trustworthiness, and kindness. Without a strong and positive culture, the work we do would be much harder and far less fun. Our culture gives us the confidence to tackle seemingly impossible challenges and the freedom to take bold steps forward.

Azure Sphere general availability is a culmination of the focus, commitment, and investment we make as a team to realize our shared vision. I’m incredibly proud of the Azure Sphere team and what we’ve built together. And I’m grateful to share this accomplishment with all of the teammates, partners, and customers who have been a part of our journey to general availability. We’re ready to be our customers’ trusted partner in device security so that they can focus on unleashing innovation in their products and in their businesses.

Continue reading