This month, Microsoft has introduced a series of significant updates to the Azure management services. Through this series of monthly articles, I aim to provide an overview of the most relevant new features. The goal is to keep you constantly informed about these developments, giving you the essential information to further explore these topics.
The following diagram shows the different areas related to management, which are covered in this series of articles:
Figure 1 – Overview of Management Services in Azure
Monitor
Azure Monitor
VM insights: migration to Azure Monitor agent by August 31, 2024
On August 31, 2024, VM insights based on the Log Analytics agent will be retired. It is recommended to migrate to the Azure Monitor agent for VM insights, which offers several improvements, including:
- Enhanced security and performance.
- Data collection rules to help reduce costs.
- A simplified management experience, facilitating troubleshooting.
Integrated Azure Monitor alerts for Azure Site Recovery (preview)
Microsoft recently announced the preview availability of integrated Azure Monitor alerts for Azure Site Recovery. This new feature allows Azure users to more effectively monitor the status and performance of their disaster recovery environments. The integrated alerts enable rapid detection of potential issues, ensuring more efficient and proactive management of resources in emergency recovery situations. With this integration, users can configure custom alerts based on specific performance and status parameters, improving resilience and operational readiness for their systems. This feature is particularly useful for organizations requiring high standards of operational continuity and data integrity.
Govern
Azure Policy
Protection of critical infrastructures from large-scale accidental deletions with Policies
Microsoft has introduced “DenyAction” in Azure Policy. This new feature allows blocking requests based on actions taken on the resource, rather than just its configuration or properties. In practice, with Deny Action, it is possible to protect infrastructures by preventing unwanted deletion calls. While in the past Azure Policy only offered the “deny” function, which blocked requests based on specific resource configurations, now with the addition of Deny Action, the blocking capability has been extended to actions included in the request.
Azure Cost Management
Updates related to Microsoft Cost Management
Microsoft is constantly seeking new methodologies to improve Microsoft Cost Management, the solution to provide greater visibility into where costs are accumulating in the cloud, identify and prevent incorrect spending patterns, and optimize costs. This article reports some of the latest improvements and updates regarding this solution.
Azure Arc
Azure Arc-enabled SCVMM (preview)
With the recent introduction of “Azure Arc-enabled System Center Virtual Machine Manager (SCVMM)”, it is now possible to manage SCVMM VMs more efficiently directly from Azure. This innovative solution facilitates the discovery, integration, and management of VMs. Microsoft is expanding the capabilities for SCVMM enabled in Azure Arc. Thanks to this update, Azure Arc-enabled SCVMM VMs receive full support for Azure management services. This includes protection offered by Microsoft Defender for Cloud, monitoring via Azure Monitor, and updates provided by Azure Update Manager. These new features offer customers a simpler and more effective management experience of their System Center-managed assets, all through Azure.
Secure
Microsoft Defender for Cloud
New features, bug fixes, and deprecated features of Microsoft Defender for Cloud
The development of Microsoft Defender for Cloud is constantly evolving, with continuous improvements being introduced. To stay updated on the latest developments, Microsoft updates this page, which provides information on new features, bug fixes, and deprecated features. Specifically, this month’s main news includes:
- Public preview availability of recommendations for managing DevOps security posture;
- Release of the CIS Azure Foundations Benchmark v2.0.0 in the Regulatory Compliance dashboard.
Protect
Azure Backup
Backup Vaults with MUA (Multi-User Authorization)
Azure Backup has announced the availability of backup vaults with MUA (Multi-User Authorization). These vaults offer an integrated backup solution that protects business data through a series of advanced access features. With this release, the backup administrator, who is usually the owner of the Backup vault, needs to obtain the collaborator role on the protected resource to perform certain operations. This requires an action by the owner of the protection resource to approve and grant the requested access. Additionally, it is possible to use Azure Active Directory Privileged Identity Management to manage just-in-time access on the protected resource.
Enhanced Soft Delete
Azure has announced the availability of the “Enhanced Soft Delete” feature for Azure Backup. This feature offers additional protection against data loss, ensuring that backup data remains available for recovery, even if the backup source is deleted. The Enhanced Soft Delete feature protects against accidental deletions and malicious activities. This adds an extra layer of security and resilience to backup data.
Regional Disaster Recovery for Azure Backup for AKS (preview)
Azure Backup for AKS allows customers to protect their containerized workloads along with application data deployed on AKS clusters. The solution enables scheduled backups of AKS clusters and their restoration in various scenarios. Customers also want to use their AKS backups to recover applications in the event of a regional disaster, following industry best practices for the 3-2-1 backup strategy. With this in mind, the Azure Backup service is announcing the private preview of the regional disaster recovery capability of AKS Backup. Using this feature, it is possible to recover the AKS cluster from backups in a secondary region, such as an Azure paired region, in the event of a regional disaster.
Migrate
Azure Migrate
New releases and features of Azure Migrate
Azure Migrate is the service in Azure that includes a broad portfolio of tools that can be used, through a guided user experience, to effectively address the most common migration scenarios. To stay updated on the latest developments of the solution, you can consult this page, which provides information on new releases and new features.
Azure Evaluation
For those who wish to explore and personally evaluate the services offered by Azure, a unique opportunity is available: by accessing this page, you can test various features and services for free. This will allow you to better understand how Azure can adapt and improve your IT operations, while ensuring security and innovation.
