Category Archives: Data Protection Manager

System Center: guide to release options and roadmap

For System Center products you have the option of choosing two different release: Long-Term Servicing Channel (LTSC) or Semi-Annual Channel. In this article will be reported the features of each release model and what aspects should be taken into consideration to make the most correct choice. You will also see planned roadmap for releases of System Center products.

Characteristics of Semi-Annual Channel

The release channel defined Semi-Annual Channel is characterized by these elements:

  • Are released approximately two product releases every year. This releases include new features, improvements and resolution of issues.
  • The versions are identified by a four-digit number, two for the year and two for the month. To date, two versions have already been released, the 1801 (January 2018) and the 1807 (July 2018).
  • Given the rapid release cycles, there are not expected Update Releases (UR) for products belonging to this release channel.
  • The Semi-Annual Channel releases have a support of 18 months from the date of publication.
  • The use of products released in the Semi-Annual Channel is only open to Microsoft customers with a Software Assurance contract.

Considering the constant releases and the support period not particularly long, it follows that this channel is suitable for customers with the aim to innovate in a constant and fast way, to keep up with the rapid evolution of the cloud.

Characteristics of Long Term Servicing Channel (LTSC)

The release model defined Long-Term Servicing Channel (LTSC) has the following features:

  • A new major version of System Center is released approximately every two or three years. The latest version is now System Center 2016 and in the future will be released System Center 2019.
  • In the LTSC products receive updates, inclusive of security updates, through Update Releases (UR). The Update Releases (UR) do not contain the new features included in the releases belonging to the Semi-Annual Channel, which will be incorporated into the next release in the Long-Term Servicing Channel.
  • The products belonging to the LTSC have 5 years of mainstream support and more 5 years of extended support.
  • Products belonging to the Long-Term Servicing Channel (LTSC) may be adopted by our customers regardless of the licensing model that adhere (Software Assurance is not needed).

The use of the products in the Long-Term Servicing Channel (LTSC) is appropriate in case you want to have a longer period of service of products and greater stability of the services functionality.

Additional considerations

In terms of compatibility, unless several communications, the minimum requirements to use System Center products belonging to the Semi-Annual Channel are the same as the latest version of the System Center product released in Long-Term Servicing Channel.

Customers with Software Assurance can do theupgrade of products of System Center 2016 or 2012 R2 to System Center products released in the Semi-Annual Channel model. Upgrading from release of the Semi-Annual Channel towards release belonging to the LTSC is not supported.

System Center roadmap

For System Center products was announced by Microsoft the following roadmap:

Figure 1 – System Center Roadmap

The figure below lists the currently available versions of the System Center products, with a summary of the main features introduced.

Figure 2 – Current versions of System Center and main features

In addition to the upcoming release of the Update Release 6 of System Center 2016, in the coming year will be released System Center 2019 and the new release belonging to the Semi-Annual Channel. These releases introduce new functionality to provide integration and full support of Windows Server 2019. Following, there are the next planned releases for System Center:

Figure 3 – Future releases of System Center and main features

Other useful references

Conclusions

With this release model of new versions of System Center products, you should make a careful choice by establishing the most suitable for your needs and your business model. To do it in the best way you should be aware of the characteristics of each model and all that it follows from this choice.

OMS and System Center: What's New in July 2018

Microsoft announces constantly news about Operations Management Suite (OMS) and System Center. As usual our community releases this monthly summary that provides a general overview of the main new features of the month, in order to stay up to date on these topics and have the necessary references to conduct further exploration.

Operations Management Suite (OMS)

Azure Log Analytics

The possible integration of Azure Data Factory (ADF) with Azure Monitor lets you send usage metrics to Operations Management Suite (OMS). The new solution Azure Data Factory Analytics, available in the Azure marketplace, can provide an overview of the State of health of the Data Factory, allowing you to go into detail of the information collected. This can be very useful for troubleshooting. It is also possible to collect metrics from different data factories to the same workspace of OMS Log Analytics. For configuration details required to use this solution, you can see the official documentation.

Figure 1 – Overview of the new Azure Data Factory Analytics solution

In Log Analytics, query execution introduces the ability to easily select the workspace on which to execute the queries.:

Figure 2 - Selection of the workspace on which to perform the Log Analytics query

The same possibility is also introduced in Azure Application Insights Analytics. This feature is useful because in each query tab you can select the specific workspace, avoiding having to open Log Analytics in different browser tabs.

In case they are collected custom logs in Azure Log Analytics, a separate category was created called "Custom Logs", where they are grouped.

Figure 3 – Grouping of custom logs in the specific category

For workspace of Log Analytics present in the region of West Europe, East US, and West Central was announced the availability in public preview of Metric Alerts for logs. The Metric alerts for logs allow you to use data from Log Analytics as metrics of Azure Monitor. The types of supported logs has been extended and the complete list is available at this link. For more information please visit the official documentation.

Azure Backup

In Azure Pricing Calculator, the official Microsoft tool for estimating the cost of Azure services, has been made possible to obtain a more accurate estimate of the costs of Azure Backup, allowing you to specify different retention range for the Recovery Points.

Figure 4 – New parameters to make a more accurate estimate of costs of Azure Backup

 

Azure Site Recovery

For Azure Site Recovery was released theUpdate Rollup 26 introducing new versions for the following components:

  • Microsoft Azure Site Recovery Unified Setup/Mobility agent (version 9.17.4897.1): used for replication scenarios from VMware to Azure.
  • Microsoft Azure Site Recovery Provider (version 5.1.3400.0): used for replication scenarios from Hyper-V to Azure or to a secondary site.
  • Microsoft Azure Recovery Services agent (version 2.0.9122.0): used for replication scenarios from Hyper-V to Azure.

The installation of this update rollup is recommended in deployments where there are components and their respective versions below reported:

  • Unified Setup/Mobility agent version 9.13.000.1 or later.
  • Site Recovery Provider version 5.1.3000 or later.
  • Hyper-V Recovery Manager 3.4.486 or later.
  • Site Recovery Hyper-V Provider 4.6.660 or later.

For more information on the issues resolved, on improvements from this Update Rollup and to get the procedure for its installation is possible to consult the specific KB 4344054.

Azure Automation

Regarding Azure Automation has been introduced the possibility to configure the Hybrid Runbook Workers so that they can execute only runbooks digitally signed (the execution of unsigned runbooks not fail). The procedure to be followed is reported in this section of the Microsoft's article.

System Center

Following the first announcement of the Semi-Annual Channel release of System Center, took place in February with the version 1801, this month has been released the new update release, System Center 1807.

The update release 1807 introduces new features for Virtual Machine Manager and Operations Manager, while for Data Protection Manager, Orchestrator and Service Manager contains fixes for known issues (including bug fixes present in the UR5 for System Center 2016, released in April).

What's new in Virtual Machine Manager 1807
  • Supports selection of CSV for placing a new VHD
  • Display of LLDP information for networking devices
  • Convert SET switch to logical switch
  • VMware host management: VMM 1807 supports VMware ESXi v6.5 servers in VMM fabric
  • Support for S2D cluster update
  • Support for SQL 2017
What's new in Operations Manager 1807
  • Configure APM component during agent install or repair
  • Linux log rotation
  • HTML5 Web console enhancements
  • Support for SQL Server 2017
  • Operations Manager and Service Manager console coexistence

For further details please visit the Microsoft official documentation:

System Center 1807 can be download from System Center Evaluation Center.

For all System Center products (DPM, SCORCH, SM, SCOM and VMM) you can now Update existing deployments going from SQL server 2016 to SQL server 2017.

Please remember that the release belonging to the Semi-Annual Channel have support for 18 months.

System Center Configuration Manager

Released the version 1807 for the branch Technical Preview of System Center Configuration Manager. The main novelty in this release is l & #8217; introduction of the new Community hub, through which you can share scripts, reports, configuration items and more, about Configuration Manager. Through the community hub, accessible from the SCCM console, you can introduce into your environment solutions provided by the community.

Among the new features in this release are also:

  • Improvements to third-party software updates
  • Co-managed device activity sync from Intune
  • Approve application requests via email
  • Repair applications
  • Admin defined offline operating system image servicing drive
  • Improvements to run scripts

Please note that the releases in the Technical Preview Branch help you evaluate the new features of SCCM and it is recommended to apply these updates only in test environments.

System Center Operations Manager

In order to configure the connection between Operations Management Suite (OMS) and System Center Operations Manager you must import the following new management packs, version-specific:

This change to the MPs was made necessary to allow proper communication with new APIs of OMS Log Analytics, introduced after moving towards the Azure Portal of Log Analytics.

Figure 5 - SCOM Wizard for the OMS onboarding

It is reported the new wave of System Center Operations Manager management packs released for SQL Server, now lined up to version 7.0.7.0:

In July were also released the following Management Packs for the Open Source software, version 7.7.1129.0, which include the following news:

Apache HTTP Server

  • Supports Apache HTTP Server version 2.2 and 2.4
  • Provides monitoring of busy and idle workers
  • Provides monitoring of resource usage – memory and CPU
  • Provides statistics for virtual hosts such as “Requests per Minute” and “Errors per Minute”
  • Provides alerting for SSL Certificate expiration

MySQL Server

  • Supports MySQL Server version 5.0, 5.1, 5.5, 5.6, and 5.7
  • Supports MariaDB Server version 5.5, and 10.0
  • Provides monitoring of databases
  • Provides monitoring of disk space usage for server and databases
  • Provides statistics for Key Cache, Query Cache, and Table Cache
  • Provides alerting for slow queries, failed connections, and full table scans

The following new MPs have also been released by Microsoft:

  • MP for Active Directory Federation Services version 0.2.0
  • MP for Active Directory Federation Services 2012 R2 version 1.10172.1
  • MP for Microsoft Azure version 5.20.18

Please also note the new community version (1807) of the Azure Management Pack, issued by Daniele Grandini.

Evaluation of OMS and System Center

Please remember that in order to test and evaluate for free Operations Management Suite (OMS) you can access this page and select the mode that is most appropriate for your needs.

To try out the various components of System Center, you can access theEvaluation Center and after the registration you can start the trial period.

OMS and System Center: What's New in June 2018

In June have been announced, by Microsoft, a considerable number of news about Operations Management Suite (OMS) and System Center. Our community, through these articles released monthly, aims to provide a general overview of the main new features of the month, in order to stay up to date on these arguments and have the necessary references for further information.

Operations Management Suite (OMS)

Log Analytics

Recently it was officially announced that the OMS portal will be deprecated, in favour of the Azure Portal. In this article are examined the aspects related to this change and what you should know to avoid being caught unprepared.

Figure 1 - Notifications in the OMS portal

Azure Backup

Azure Backup is enriched with an important new feature that allows you to natively protect SQL workload, running in IaaS virtual machines that reside in Azure. In this article are showed the benefits and the characteristics of this new feature.

Figure 2 – Protection of SQL Server on Azure VMs with Azure Backup

Released an updated version of the’Azure Backup agent (MARS), which can be obtained by accessing this link.

Using Azure Backup there is the possibility of generating the reports needed to be able to easily check the status of resource protection, details on the different backup jobs configured, the actual storage utilization and status of its alert. All this is made possible by using Power BI, allowing you to have a high degree of flexibility in the generation and customization of reports. In this video, recently published, there is show how to configure a Power BI workspace for sharing reports of Azure Backup within your organization. To analyze the steps required to configure the reporting of Azure Backup you can refer this article.

Figure 3 – Sharing PowerBI reports of Azure Backup

Azure Backup introduces the ability to protect workloads running on Azure Stack environment. The tenant who use the Azure Stack solution can then have a short term protection directly on the Azure Stack environment and can make use of Azure Recovery Service vault for long term retention and to perform offsite. For more details on this you can consult therelease announcement.

Figure 4 – Azure Stack Tenant backup with Microsoft Azure Backup Server

Azure Site Recovery

In Azure Site Recovery (ASR) was announced in "general availability (GA)" the ability to configure the Disaster Recovery (DR) of Azure Virtual Machines. Configuring the replication of virtual machines in different regions of Azure, you have the ability to make applications resilient to a fault affecting a specific Azure region. This feature is available in all the Azure regions where you can use ASR. Azure is the first public cloud to offer a native solution for Disaster Recovery for applications that run in IaaS.

During the preview, Microsoft has taken into account the different feedback from the customers and added to the solution, the following import capabilities:

We highlight these useful references regarding this solution:

Security and Audit

The solution Azure Network Security Group Analytics will be replaced by Traffic Analytics that was released in General availability (GA). This solution, fully cloud-based, allows you to have an overall visibility on network activities that are undertaken in the cloud environment. For more details about you can see "How to monitor network activities in Azure with Traffic Analytics"

System Center

System Center Data Protectrion Manager

In environments where System Center Data Protection Manager (SCDPM) is connected to Azure Backup service was introduced the ability to view all the items protected, details on the use of storage and information about the recovery points, direct from the Azure Portal, within the Recovery Service vault. This feature is supported for SCDPM 2012 R2, 2016 and for Azure Backup Server v1 and v2, as long as you have the latest version of Azure Backup Agent (MARS).

Figure 5 – Information from DPM outlined in Recovery Service vault

System Center Configuration Manager

It is usually released a technical preview per month in Configuration Manager, but this month, due to the considerable number of new features, they were released two.

The first is the version 1806 for the Technical Preview branch of System Center Configuration Manager. The main innovation introduced by this update is the addition of support for third-party software update catalogs. From the Configuration Manager console, you can easily subscribe to third-party software update catalogs, then publish updates via Software Update Point. These updates will be issued to the client by using the classic method of Configuration Manager to deploy software update.

Figure 6 – Access to third-party software update catalogs from the SCCM console

In addition to this new feature were released updates on:

  • Sync MDM policy from Microsoft Intune for a co-managed device
  • Office 365 workload transition in co-management
  • Configure Windows Defender SmartScreen settings for Microsoft Edge
  • Improvements to the Surface dashboard
  • Office Customization Tool integration with the Office 365 Installer
  • Content from cloud management gateway
  • Simplified client bootstrap command line
  • Software Center infrastructure improvements
  • Removed Network Access Account (NAA) requirement for OSD Boot Media
  • Removed Network Access Account (NAA) requirement for Task Sequences
  • Package Conversion Manager
  • Deploy updates without content
  • Currently logged on user information is shown in the console
  • Provision Windows app packages for all users on a device

The second is the version 1806.2 for the Technical Preview branch of System Center Configuration Manager, that mainly includes the following news related to the Phased deployment:

  • Ability to monitor the status natively, from the Deployments node.
  • Ability to create Phased deployment of applications and not just for task sequences.
  • Ability to carry out a gradual rollout during the deployment phase.

Also this preview contains updates regarding:

  • Management Insights for proactive maintenance
  • Mobile apps for co-managed devices
  • Support for new Windows app package formats
  • New boundary group options for optimized P2P behaviors
  • Third-party software updates support for custom catalogs
  • Compliance 9 – Overall health and compliance (Report)

Please note that the releases in the Technical Preview Branch help you evaluate the new features of SCCM and it is recommended to apply these updates only in test environments.

System Center Operations Manager

Released an updated version of the Management Pack for OS Windows Server 2016 and 1709 Plus which includes several updates and issues resolutions. For further information you can consult this article.

Released the version 8.2 of the MP Author that includes several improvements. For a list of what's new in this version you can see theofficial announcement of the release.

Evaluation of OMS and System Center

Please remember that in order to test and evaluate for free Operations Management Suite (OMS) you can access this page and select the mode that is most appropriate for your needs.

To test the various components of System Center 2016 you can access theEvaluation Center and after the registration you can start the trial period.

OMS and System Center: What's New in April 2018

Microsoft announces constantly news about Operations Management Suite (OMS) and System Center. Our community releases this summary monthly, allowing you to have a general overview of the main new features of the month, in order to stay up to date on these arguments and have the necessary references to conduct any insights.

Operations Management Suite (OMS)

Log Analytics

Microsoft has decided to extend the Alerts in Log Analytics from OMS to the Azure Portal, centralizing on Azure Monitor. This process will be done automatically starting from 14 May 2018 (the date has been postponed, Initially it was planned for 23 April), will not result in any change to the configuration of Alerts and related queries, and it does not foresee any downtime for its implementation. For further details please consult the specific article “The extension of Log Analytics Alerts in Azure Monitor“.

Figure 1 – Notification of alerts extension in the OMS portal

To avoid situations where, the resources managed in Log Analytics may send in an unexpected way a high volume of data to the OMS Workspace, is introduced the ability to set a Daily Volume cap. This allows you to limit the data ingestion for your workspace. You can configure the Data volume cap in all regions, accessing to the section Usage and estimated costs:

Figure 2 – Setting the Daily volume cap

The portal also shows the trend of the volume of data in the last 31 days and the total volume of data, grouped by solution:

Figure 3 – Data ingestion for solution (latest 31 days and total)

Log Search API usage, used by the old Log Analytics query language, has been deprecated since 30 April 2018. The Log Search API has been replaced with theAzure Log Analytics REST API, which supports the new query language and introduces greater scalability than the results you can return. For more details on this you can consult theofficial announcement.

Agent

This month the new version ofOMS agent for Linux systems resolves a significant number of bugs and introduces new versions of the various components. It also introduced support for Debian 9, AWS 2017 and Open SSL 1.1. To obtain the updated version of the OMS agent you can access to the official GitHub page OMS Agent for Linux Patch v 1.6.0-42.

Figure 4 – Bug fixes and what's new for the OMS agent for Linux

Azure Backup

As for Azure Backup, have been announced the following improvements in service scalability:

  • Ability to create up to 500 recovery services vaults in every subscription for region (previously the limit was 25).
  • The number of virtual machines that can be registered in each vault is increased to 1000 (it was previously 200).

Azure Backup, for the protection of Azure Iaas VM, now supports the storage account secured using storage firewalls and Virtual Networks. More details about this can be found on Microsoft's official blog.

Figure 5 - Protection of Azure Iaas VM in storage protected scenarios

There are different rules to enable the long-term backup for Azure SQL Database . The procedure, to keep the backup of Azure SQL DB up to 10 years, expected saving in an Azure Recovery Vault Service. By introducing this new feature, you have the option to keep the long-term backup directly within an Azure Blob Storage and will terminate the need for a Recovery Vault Service. All this gives you more flexibility and greater control of costs. For more details about it you can see the article SQL Database: Long-term backup retention preview includes major updates.

System Center

System Center Configuration Manager

For System Center Configuration Manager has been released the version 1804 for the Technical Preview branch. In addition to general improvements in the solution this update introduce new features concerning the OSD, the Software Center and the Configuration Manager infrastructure. All the new features included in this update can be found in the article Update 1804 for Configuration Manager Technical Preview Branch. Please note that the releases in the Technical Preview Branch help you evaluate the new features of SCCM and it is recommended to apply these updates only in test environments.

System Center Operations Manager

Microsoft has released theUpdate Rollup 5 (UR5) for System Center 2016 Long-Term Servicing Channel (LTSC). This update does not introduce new features, but fixes several bugs.

Following, are the references, about this update, for each System Center product:

There are no updates regarding Service Provider Foundation.

System Center Operations Manager 1801 introduces support for Kerberos authentication when the protocol WS-Management is used from the management server for the communication with UNIX and Linux systems. This allows you to have a higher level of security, eliminating the need to enable basic authentication for Windows Remote Management (WinRM).

Also in System Center Operations Manager 1801 introduces the following improvements on the management of the Linux log file monitor:

  • Support for Wild Card characters in the name and path of the log file.
  • Support for new match patterns that allow customized searches of log.
  • Support for pluging Fluentd published by fluentd community.

Below there are the news concerning the Management Pack of SCOM:

  • MP for Windows Server Operating System 2016 and 1709 Plus 10.0.19.0
  • MP for SQL Server 2008-2012 7.0.4.0
  • MP for SQL Server 2014 7.0.4.0
  • MP for SQL Server 2016 7.0.4.0
  • MP for Microsoft SQL Azure Database 7.0.4.0
  • MP for SQL Server Dashboards 7.0.4.0
  • MP for UNIX and Linux 7.6.1085.0

Evaluation of OMS and System Center

Please remember that in order to test and evaluate for free Operations Management Suite (OMS) you can access this page and select the mode that is most appropriate for your needs.

To test the various components of System Center 2016 you can access theEvaluation Center and after the registration you can start the trial period.

OMS and System Center: What's New in February 2018

The month of February was full of news and there are different updates that affected Operations Management Suite (OMS) and System Center. This article summarizes in concise terms to have a global vision and it contains the necessary references to learn more about it.

Operations Management Suite (OMS)

Log Analytics

Everyone who uses Azure ExpressRoute will be glad to know that you can now monitor it by using the Network Performance Monitor (NPM). This feature has been in previews for a few months and has now passed in the state of general availability. Among the features of this monitor solution we find:

  • Ability to view interactively, using the topology view of NPM, the various components (network on-premises, circuit provider edge, circuit ExpressRoute, edge Microsoft, and the Azure VMs) and latency measured in each hop. This allows you to easily identify any performance issues in connectivity and quickly locate the problematic segment of communication.
  • Ability to view the bandwidth usage of primary and secondary ExpressRoute circuit . Thanks to drill-down is also possible to intercept the bandwidth usage for each vNet connected to the ExpressRoute circuit.
  • Ability to create queries and custom views thanks to the fact that all details of the solution are available in the repository of Log Analytics and therefore you can use the native search functionality and correlation to suit your needs.
  • Ability to diagnose various problems of connectivity present in ExpressRoute circuit .

Figure 1 – Azure ExpressRoute Monitoring

For more information about how to configure the ExpressRoute monitor with NPM please visit the Microsoft's official documentation.

Also in Network Performance Monitor (NPM) was introduced the Service Endpoint Monitor with the integration into the monitor and into the performance of your application also of the performance end-to-end of the network. This feature allows you to create different types of tests (HTTP, HTTPS, TCP and ICMP), that must be carried out in key points of the network infrastructure, so you can quickly identify whether the problem encountered is related to the network or is related to the application. Through the use of the network topology map the problem and its nature is easily locatable. This is a feature in public preview whose characteristics are described in detail in this article.

Agent

This month the new version ofOMS agent for Linux systems fixes some bugs and also introduces an updated version of the components SCX and OMI. To obtain the updated version of the OMS agent you can access to the official GitHub page OMS Agent for Linux Patch v 1.4.4-210.

Figure 2 – Bug fixes and what's new for the OMS agent for Linux

Azure Backup

In this article is described how to build the solution of monitor in Log Analytics for Azure Backup. With this monitor solution, you can control the main aspects of Azure Backup as the backup and restore jobs, backup alert and use of cloud storage. You can do all cross Recovery Service vault and cross subscription, being able to take advantage of the features built into Log Analytics, such as the automated opening of ticket via webhooks or through integration with ITSM. It is a community solution, and each contributed is obviously welcome.

For Azure Backup was announced (in general availability) the possibility of creating consistent backups at the application layer for Linux virtual machines running on Azure. On Windows systems this is done using the VSS component, while for Linux VM it is made available one scripting framework through which you can run the pre-scripts and post-scripts to control the backup execution.

Figure 3 – Mechanism for realization of backup application consistent in VMs Linux on Azure

For more details on this you can consult theofficial announcement, while for more information about Linux virtual machine protection in Microsoft Azure, using Azure Backup, you can view the article: Azure Backup: the protection of Linux on Azure.

Azure Backup introduces the ability to protect natively Azure File Shares. This feature is currently in Public Preview and the main features are:

  • Chance, accessing Recovery Service vault, to make the discovery of storage acccount and detect files shares unprotected.
  • Large-scale protection: there is the possibility to back up multiple file shares contained in a storage account and apply a common security policy.
  • Instant and granular restore. The protection is based on file share snapshots and this allows you to quickly restore files selectively.
  • From the Azure portal you can explore the different restore point available to easily identify which files to restore.

Figure 4 – Backup of Azure File Shares

For further information you can consult theofficial announcement.

This month has been released a Mandatory Update for the Microsoft Azure Recovery Services agent (MARS). For all those who use Azure Backup you must install this update as soon as possible to avoid failures in backup and recovery tasks.

Azure Site Recovery

In Azure Site Recovery was made available a wait functionality, that allows to protect virtual machines having managed disk, in the replication scenario between different Azure regions, allowing greater flexibility for Disaster Recovery scenarios with systems in Azure.

Figure 5 – Enabling replication of a VM with Managed Disks

System Center

As announced in the last few months and as is already the case for the operating system and Configuration Manager, also the others System Center products, in particular, Operations Manager, Virtual Machine Manager, and Data Protection Manager will follow a release of updated versions every 6 months (semi-annual channel). This month there was the first release with the version 1801 of System Center.

Figure 6 – Summary of what's new in version 1801 of System Center

To know the details of what is new in this release, please consult the official announcement. Please remember that for belonging to the semi-annual channel support is guaranteed 18 months.

System Center Configuration Manager

Released the version 1802 for the branch Technical Preview of System Center Configuration Manager: Update 1802 for Configuration Manager Technical Preview Branch.

This release introduces a considerable number of innovations on different areas, including: OSD, Cloud Management Gateway, features of Windows 10 and Office 365, Software Center and Site Server High Availability.

Please note that the releases in the Technical Preview Branch help you evaluate the new features of SCCM and it is recommended to apply these updates only in test environments.

System Center Operations Manager

The feature called "Updates and Recommendations", introduced in SCOM 2016 for Management Packs from Microsoft, is useful to facilitate the process of discovery of appropriate MPs to monitor different workloads present in your infrastructure and keep them updated. This feature is enabled by well over 110 Microsoft workloads. Microsoft announced that it is extending this feature also for MPs produced and offered by third parties. In release 1801 of Operations Manager are currently covered MPs of the following external partners:

Figure 7 – Feature Updates and Recommendations with MPs of partners

As a result of the release of version 1801 of System Center were also made available the following new SCOM Management Packs:

System Center Service Manager

Released an new version of the Service Manager Authoring Tool.

Evaluation of OMS and System Center

Please remember that in order to test and evaluate for free Operations Management Suite (OMS) you can access this page and select the mode that is most appropriate for your needs.

To test the various components of System Center 2016 you can access theEvaluation Center and, after registering, you can start the trial period.

OMS and System Center: What's New in November 2017

In November there have been several announcements from Microsoft concerning Operations Management Suite (OMS) and System Center. This article will summarize briefly with the necessary references to be able to conduct further studies.

Operations Management Suite (OMS)

Log Analytics

As already announced since 30 October 2017 Microsoft has launched the upgrade process of the OMS workspaces not yet updated manually. In this regard has been released this useful document that shows the differences between a legacy OMS workspace and a updated OMS workspace, with references for further details.

Solutions

Those that use circuit ExpressRoute will be glad to know that Microsoft announced the ability to monitor it through Network Performance Monitor (NPM). This is a feature currently in preview that allows you to monitor connectivity and performance between the on-premises environment and vNet in Azure in the presence of ExpressRoute circuit. For more details about the features announced you can consult theofficial article.

Figure 1 – Network map showing details of ExpressRoute connectivity

Agent

As usual it was released a new version of the OMS Agent for Linux systems that now takes place on a monthly basis. This release fixes bugs related diagnostics during agents onboarding. Are not being introduced new features. To obtain the updated version please visit the official GitHub page OMS Agent for Linux Patch v 1.4.2-124.

Protection and Disaster Recovery

Azure Backup always protected backups from on-premises world toward Azure using encryption that takes place using the passphrase defined during the configuration of the solution. To protect VMs in Azure the recommendation for greater security in the backup was to use VMs with disk-encrypted. Now Azure Backup uses Storage Service Encryption (SSE) to do the encryption of backups of virtual machines on Azure, allowing to obtain in an integrated manner in the solution a mechanism for the implementation of the backup security. This also will happen to existing backup automatically and through a background task.

Microsoft, in order to bring more clarity with regard to pricing and licensing of Azure Site Recovery, updated the FAQ which you can see in the official page of pricing of the solution.

System Center

As is already the case for the operating system and System Center Configuration Manager, the other System Center products, in particular, Operations Manager, Virtual Machine Manager, and Data Protection Manager will follow a release of updated versions every 6 months (semi-annual channel). The goal is to rapidly deliver new capabilities and to ensure a speedy integration with the cloud world, which is essential given the speed with which it evolves. In November was announced the System Center preview version 1711 which you can download at this link.

Figure 2 – Summary of what's new in System Center preview version 1711

To know the details of the new features in this release, please consult theofficial announcement.

System Center Configuration Manager

For System Center Configuration Manager current branch version 1706 was issued an important update rollup you should apply as it solves a lot of problems.

Released the version 1710 for the Current Branch (CB) of System Center Configuration Manager that introduces new features and major improvements in the product. Among the main innovations of this update definitely emerge the possibilities offered by the Co-management that expand the possibilities for device management using either System Center Configuration Manager and Microsoft Intune.

Figure 3 – Features and benefits of Co-management

For a complete list of new features introduced in this version of Configuration Manager, you can consult theofficial announcement.

Released the version 1711 for the Technical Preview branch of System Center Configuration Manager. The new features in this update are:

  • Improvements in the new Run Task Sequence step.
  • User interaction when installing applications in the System context even when running a task sequence.
  • New options, in the scenario of using Configuration Manager associated with Microsoft Intune, to manage compliance policy for devices Windows 10 related to Firewall, User Account Control, Windows Defender Antivirus, and OS build versioning.

I remind you that the releases in the Technical Preview Branch allows you to evaluate in preview new SCCM functionality and is recommended to apply these updates only in test environments.

Released an updated version of the Configuration Manager Client Messaging SDK.

System Center Operations Manager

Released the new wave of the SQL Server Management Packs (version 7.0.0.0):

The Management Packs for SQL Server 2017 can be used for the monitor of SQL Server 2017 and subsequent releases (version agnostic), this allows you to avoid having to manage different MPs for each version of SQL Server. The controls for versions of SQL Server earlier than 2014 are included in the generic MP "Microsoft System Center Management Pack for SQL Server".

System Center Service Manager

Microsoft has published a series of tips and best practices to be followed during Authoring Management Pack of System Center Service Manager (SCSM).

Please remember that in order to test and evaluate for free Operations Management Suite (OMS) you can access this page and select the mode that is most appropriate for your needs.

OMS and System Center: What's New in October 2017

This article lists the main changes announced in October concerning Operations Management Suite (OMS) and System Center. This is a concise summary that contains the necessary references for further study.

Operations Management Suite (OMS)

Log Analytics

In Log Analytics in August was released a major update that introduces a number of changes, as the powerful new query language, the introduction of the new Advanced Analytics portal and greater integration with Power BI. For further information you can consult the specific article Log Analytics: a major update evolves the solution. During the month, Microsoft announced that from 30 October 2017 is started automatically the upgrade process of the OMS workspaces not yet updated manually. Everything will be done in a gradual way for region according to the schedule below:

Figure 1 - Scheduling for rollout of the upgrade of Log Analytics

Also starting from 16 October 2017 the new OMS workspaces are already build in the new mode and there is no possibility to create a legacy workspace. For further information you can consult the article Azure Log Analytics workspace upgrades are in progress.

Solutions

Thanks to the solution Azure Log Analytics Container Monitoring for the Service Fabric under Linux now you can:

  • Centralize and correlate logs that are related to containers.
  • For containers and nodes display in almost real-time metrics for CPU, memory, storage and network utilization.
  • Identify containers with excessive use of resources.
  • Control the use of process-wide resources (Docker container top).
  • See an inventory of the container node that contains information about the Orchestration.

Figure 2 – Container Monitoring solution for Linux Service Fabric

The presence of an Azure Resource Manager (ARM) template that lets you create a new Log Analytics Workspace and install during the deployment the OMS agent on all nodes of the Service Fabric cluster facilitates the activation of the monitor. At the end of the cluster deployment simply add to the workspace of Log Analytics the solution Container Monitoring available in Azure Marketplace, and in a few minutes will be available in Log Analytics information on the Service Fabric. For further information you can consult the article Azure Log Analytics Container Monitoring solution for Linux process Fabric.

By using the Azure Action Groups you can use the Log Analytics solution IT Service Management Connector Solution to automatically open incident in your product or service of IT Service Management (ITSM), if properly supported, against alert generated in the Azure environment. The steps to configure this new feature is documented in the ad Send your Azure alerts to ITSM tools using Action Groups.

Agent

Released a new version of the OMS agent for Linux systems that mainly has solved some bugs and introduced some useful improvements. For more details and to get the updated version please refer to the official GitHub page OMS Agent for Linux GA v 1.4.1-123

Figure 3 – Bug fixes and what's new for the OMS agent for Linux

Azure Automation

As for Azure Automation have been announced, currently in preview, exciting new features:

  • Update management: it allows you to have visibility on the updates compliance for both Windows and Linux systems, regardless of their location (Azure, on-premises or others cloud). It also allows you to schedule the deployment to install the updates within a specific maintenance window. Among the features offered is the ability to exclude specific updates from the deployment and retrieve logs for the deployment useful for troubleshooting.
  • Inventory: it allows you to retrieve inventory information about the installed applications within systems. All this can easily be accessed directly from the portal Azure.
  • Track changes: useful for monitoring changes made to systems for services, daemons, software, registry and files. This feature can be very useful to diagnose specific problems and to enable alerts against unexpected changes.

Figure 4 – New features in preview of Azure Automation

For further details please consult the specific article What's New in Azure Automation: Inventory, Change Tracking and Update Management.

Azure Automation also introduces the ability to implement runbook written in Python 2 and adds support for the role Hybrid Runbook Worker under Linux. These features are currently in public preview.

System Center

TheUpdate Rollup 4 for Microsoft System Center 2016 has been released.

These are the System Center products affected by the update that resolves several issues and introduces some improvements:

The Update rollup 4 introduces support for the security protocol TLS 1.2 for all encrypted communications. Earlier versions of TLS and SSL encryption mechanisms are not considered with a high level of security, for this reason Microsoft has decided to introduce for the following System Center products official support for the security protocol TLS 1.2:

  • System Center Operations Manager (SCOM)
  • System Center Virtual Machine Manager (SCVMM)
  • System Center Data Protection Manager (SCDPM)
  • System Center Orchestrator (SCO)
  • Service Management Automation (SMA)
  • Service Provider Foundation (SPF)
  • System Center Service Manager (SM)

Enabling TLS 1.2 requires that you follow the following macro step:

  1. Install security updates for Windows Server, .NET 4.6 and SQL Server.
  2. Install the Update Rollup 4 of System Center 2016 on the different components. Regarding Service Management Automation (SMA) and Service Provider Foundation (SPF) you still need to apply the latest Update Rollup available. In addition to SMA you need to update its Management Pack.
  3. Change the settings to enable TLS 1.2 in the Windows environment on all System Center components.
  4. Adapt the System Center component-specific settings that require it (SCOM, SCDPM and SCO).

For more details you can follow the specific deployment guide.

System Center Configuration Manager

Released version 1709 for the branch Technical Preview of System Center Configuration Manager: Update 1709 for Configuration Manager Technical Preview Branch – Available Now!

The new features in this update are:

  • Co-management: solution that allows the management of devices using either System Center Configuration Manager and Microsoft Intune. Thanks to Windows 10 Fall Creators Update there is the opportunity to join the device both to the Active Directory domain (AD) on-premises and to Azure AD in the cloud. This expands the possibilities for management of devices using the Configuration Manager client and the MDM agent of Intune.

Figure 5 – Co-Management from the SCCM console

  • Improvement regarding the use of SCCM connected to Intune for the management of the mobile devices with regard to the settings of VPN profiles. With this update, in fact while creating a new VPN profile shows only the appropriate settings for the platform that you intend to configure. More details about you can retrieve them in this article.

Also released version 1710 always for the branch Technical Preview of System Center Configuration Manager. The many innovations introduced with this update are available in the announcement Update 1710 for Configuration Manager Technical Preview Branch – Available Now!.

I remind you that the releases in the Technical Preview Branch allows you to evaluate in preview new SCCM functionality and is recommended to apply these updates only in test environments.

System Center Operations Manager

In the table below the news about SCOM Management Pack 2016:

The changes introduced by these new MPs can be found in the article DHCP 2016 and 2012 R2 Management Pack release.

System Center Orchestrator

Released the latest version of’Integration Pack for System Center 2016.

To test and evaluate for free Operations Management Suite (OMS) you can access this page and select the mode that is most appropriate for your needs.

Azure Backup Server v2 in Windows Server 2016

Azure Backup Server is a solution available on the market since October 2015 and in the spring of this year has been released the second version of the product, named Azure Backup Server v2 (MABS v2), that supports installation on Windows Server 2016. Actually Azure Backup Server has inherited the same capabilities of System Center Data Protection Manager, with the substantial difference that does not support backup to tape. Using Azure Backup Server v2 implemented on Windows Server 2016 allows the use of Modern Backup Storage that guarantees, thanks to the new technologies introduced in Windows Server 2016, to improve the performance of backups, to reduce the occupation of storage and to increase the resilience and safety with regard to the protection of virtual machines. This article describes how to implement Azure Backup Server v2 and contains the instructions to follow to take advantage of the benefits through native integration with Windows Server 2016.

Installation requirements

Deploy Azure Backup Server v2 (MABS v2) can be performed on a standalone physical server , on a virtual machine in VMWare or Hyper-V or on a virtual machine hosted on Azure.

The operating system can be Windows Server 2012 R2, but it is recommended Windows Server 2016 in order to benefit from the advantages of Modern Backup Storage. The machine must be joined to an Active Directory domain and should have the ability to access in Internet to Microsoft Azure even if you decide not to send the protected data to the cloud.

Regarding hardware specs Microsoft recommends the following.

Processor
Minimum: 1 GHz, dual-core CPU.
Recommended: 2.33 GHz, Quad-core CPU.

RAM
Minimum: 4 GB.
Recommended: 8 GB.

Disk space
Software installation: recommended about 8-10 GB.
Storage Pools: 1.5 times the data you wish to protect.
Scratch Location: at least the 5% of the total space of the protected data in the cloud.

With regard to the software requirements you must install Microsoft .Net 3.5 SP1, Microsoft .Net 4.6 and Hyper-V Powershell modules.

Finally you need to create on its own subscription Azure a Recovery Service Vault, which will be associated with the Azure Backup Server. The setup of Azure Backup Server will require the Vault credentials which can be downloaded by accessing the properties from the Azure Portal:

Figure 1 – Backup Download Credentials

 

Installation procedure

The download of the installation setup of Azure Backup Server v2 can be started directly by accessing this Microsoft page. After the download of different files you need to run the executable MicrosoftAzureBackupServerInstaller.exe to extract installer binaries in a single folder. Inside the chosen folder, you can run the Setup.exe file to start the installation process later documented.

Figure 2 – Select Install Microsoft Azure Backup Server

Figure 3 – Welcome page

Figure 4 – Check the prerequisites

azure backup server requires the presence of a microsoft sql server instance to host the related database. If you do not have an existing instance to use (required at least SQL Server 2014 SP1) the setup installs SQL Server 2016 Service Pack 1 (recommended by Microsoft). In this scenario you do not require the acquisition of a license for SQL Server as long as the instance is for the exclusive use of MABS v2.

Figure 5 - Choice relative to the SQL Server that hosts the DBs of MABS v2 anf check of the requirements

If you have not installed the Hyper-V Powershell module the setup will install it, but you will need to stop the installation setup to restart the system.

Figure 6 – Requirements not met and restart required for Hyper-V Powershell module installation

Figure 7 – Requirements met

Figure 8 – Choice of installation path

The setup of MABS v2 creates the account MICROSOFT$DPM$Acct local to the machine that will run SQL Server and SQL Server Agent services and the account DPMR$Servername used for the generation of reports.

Figure 9 – Choice of password for the MICROSOFT$DPM$Acct and DPMR$Servername

Figure 10 – Choice of deploying updates to MABS v2 via Windows Update

Figure 11 - Summary concerning the installation choices

At this point starts the setup of Microsoft Azure Recovery Services (MARS) Agent required to connect to the Recovery Service Vault in Microsoft Azure.

Figure 12 - Configuration of the proxy server if required for access to public services in Microsoft Azure

Figure 13 – Verification of the presence of the necessary requirements and installation of MARS

After installing the MARS, starts the registration process of the Azure Backup Server to the Azure Recovery Service Vault that requires the Backup Vault credentials (recoverable following the step documented in Figure 1) and the passphrase required to perform the encryption of stored data. You should save this key in a safe place as it is necessary during recovery operations and can not be recovered in any way by Microsoft staff.

Figure 14 -Choose Backup Vault Credentials

Figure 15 – Passphrase for encryption of backups

After completing these steps, you must wait the end of the installation process.

Figure 16 - MABS v2 installation completed successfully

Before proceeding with the configuration of MABS v2 it is recommended to apply the latest update available for Microsoft Azure Backup Server v2 which you can be downloaded from the Microsoft support site.

At this point, it is necessary to configure the SQL Server instance just installed according to their own needs, and it is recommended to apply thelatest Cumulative Update available for SQL Server 2016 Service Pack 1.

 

Features provided by the integration between MABS v2 and Windows Server 2016

Azure Backup Server v2 is natively integrates with the new technologies available in Windows Server 2016 so you can enjoy the following benefits:

  • Efficiency major in backups operations: using the technologies Refs Block Cloning, VHDX and Deduplication you can get a reduction of storage needed to protect data and improve performance in the execution of backup. The configuration of the Modern Backup Storage can be done by following the steps documented in official documentation, which although relating to DPM 2016 is identical for Azure Backup Server v2. Very interesting also the functionality Workload-Aware Storage that allows you to select which volumes use depending on the type of workloads are protected, having thus the opportunity to choose more efficient storage and dedicate it to more frequent backup tasks for which it is good to have high performance.
  • Reliability elevated in Hyper-V virtual machine protection, thanks to the integration with technology Resilient Change Tracking (RCT) can natively track changes made to VMs compared to backups, without the need to add filter drivers. This reduces the time-consuming tasks to perform consistency checks.
  • Security: ability to backup and restore Shielded VMs.

 

Costs of the solution

As regards the cost of the solution is good to specify that it is obviously necessary to contemplate the license of the machine's operating system on which you are installing MABS v2. An interesting aspect is that in order to implement Azure Backup Server is not require any licence concerning System Center, but you must have an Azure subscription . In the cost of the solution you should consider a fee for each protected instance and any storage occupied in Microsoft Azure. For more details on the cost of the solution, please consult the Official Microsoft page on the Pricing.

 

Conclusions

Azure Backup Server v2, with its approach cloud-first and through the integration with certain features in Windows Server 2016 , is a complete and functional solution for the protection of different workloads. For those using the first release of Azure Backup Server you can upgrade to MABS v2 keeping all the settings. The advice is still to implement MABS v2 on Windows Server 2016 so that you have a solution that allows you to perform backups with speeds up to 3 times and to reduce up to 50% storage utilization.

System Center 2016: What's new in Data Protection Manager

With the release of System Center 2016 one of the components which saw the largest number of news is definitely Dpm. DPM 2016 introduces major improvements in terms of performance and changes regarding storage management and security. The whole is then further enhanced thanks to the support of the new Hyper-V feature in Windows Server 2016.

Modern Backup Storage

DPM 2016 introduces a new mechanism for managing storage defined Modern Backup Storage which uses a block-cloning technology based on Resilient File System (Refs).

Thanks to the use of Modern Backup Storage you can get the following benefits:

  • Disk space optimization: Modern Backup Storage saves approximately the 30-40% storage and have a high degree of flexibility in the management of the same by using volumes ReFS and save backups on VHDX. In DPM 2016 There is no need to allocate a priori the space to devote to protecting resources and is able to adapt employment of storage for backups dynamically based on the size of the source to be protected.
  • Performance improvement: DPM 2016 for saving data on volumes ReFS makes use of a technology block-method-based cloning allocate-on-write instead of copy-on-write (used by VolSnap in DPM 2012 R2). This change enables a performance increase up to the 70%.
  • Decrease in costs: Thanks to the functionality workload-aware storage DPM introduces a further flexibility in the choice of different protection storage workloads that we sconsente to reduce their costs. DPM is able to use high-performance storage and more expensive for workloads with very high I, which may be such as SQL or Sharepoint, and storage less performance for workloads with reduced I.

In order to use Modern Backup Storage requires that DPM is installed on Windows Server 2016.

For more details about the Modern Backup Stoarge you can see Introducing DPM 2016 Modern Backup Storage.

Hyper-V protection

The following changes affect virtual machine protection with DPM 2016.

  • Resilient change tracking (RCT) – DPM uses the new native change tracking mechanism introduced in Hyper-V called Resilient Change Tracking (RCT). RCT significantly increases the resilience of the data compared to the previous change tracking mechanism based on VSS technology and therefore reduces the need for consistency check and thus save time. DPM during differential backups is able to locate and transfer only the blocks that have changed and that are indicated by the change tracker.

The virtual machines that are created directly on Windows Server 2016 and protected by DPM 2016 use of default RCT and therefore you can enjoy the following benefits in terms of protection:

  • Increased reliability: We do not require consistency check after migration of virtual machines;
  • High scalability: You may have a higher number of backup jobs in parallel and a lower impact on storage utilization;
  • Superior performance: faster backups and a lower impact on fabric.

If you want to use the functionality of RCT for virtual machines created on older versions of the hypervisor is wants to update the configuration file version of VMs (For more details, see the upgrading virtual machine version to Windows Server 2016) and on the DPM server 2016 You must stop the protection of virtual machines by selecting the option Retain Data and create a new Protection Group.

  • Continued protection during cluster aware updates – Windows Server 2016 introduced the ability to add a node Windows Server 2016 to an existing Hyper-V cluster consisting of Windows Server nodes 2012 R2. This feature allows you to update the cluster systems without any downtime. DPM 2016 You can protect your virtual machine also during the update process thus continuing to adhere to the established SLAS.
  • Secure VM Backups – DPM 2016 supports backup and recovery of Shielded VMs while maintaining the same level of security. In this regard it is good to specify that in this scenario the capabilities of Item Level Recovery (ILR) and Alternate Recovery Location (ALR) to a location outside the "guarded fabric" are not allowed.
  • Hyper-V with ReFS SOFS Cluster – DPM 2016 cannot protect Hyper-V virtual machines that reside on cluster SOFS that use ReFS. Backup and recovery is also supported for virtual machines that do not use RCT.
  • Hyper-V with Storage Spaces Direct – DPM has the ability to detect and protect virtual machines that use Storage Space Direct in different scenarios, for example, in Hyper-converged scenario where is Hyper-V (compute) that Storage Space Direct (storage) reside on the same cluster. For more details about Storage Spaces Direct on Windows Server 2016 I refer you to this article.

Conclusions

Having regard to the important new features and the many benefits that can be gained by switching to Data Protection Manager 2016 all current users of the solution should seriously consider upgrading. For those who want to explore and evaluate DPM 2016 can Download the trial version from Microsoft System Center Evaluation Center.