In September there were several news that Microsoft announced regarding Azure management services. This article lists the main announcements, accompanied by the necessary references to be able to conduct further studies on.
The following diagram shows the different areas related to management, which are covered in this series of articles:
Azure Monitor VM Insights now available with Azure Monitor Agent
Azure has announced the availability of “Azure Monitor VM Insights” through the use of the Azure Monitor Agent. This service offers a quick and easy way to monitor customer workloads on Azure virtual machines and scale sets, as well as on Azure Arc-enabled servers operating in an on-premises and/or multi-cloud environment.
The new version of the agent offers various benefits, including cost savings, simplified management and improved security and performance. If you were previously using VM Insights using Log Analytics Agent (now deprecated), Microsoft suggests consulting theirs migration guide to switch to the Azure Monitor Agent.
Historical view for Azure Monitor alerts (preview)
Monitoring resources and alerts in Azure is now easier and more intuitive with the new historical preview view of Azure Monitor. This view offers a clear overview of triggered alerts, allowing users to quickly identify problems
OpenTelemetry-based distribution via Node.js from Python
Azure Monitor now offers OpenTelemetry-based distribution for Node.js and Python, allowing developers to easily integrate with Azure Monitor and collect telemetry data. This new feature ensures that developers can effectively monitor their applications, obtaining performance information, on errors and other key metrics.
Azure Update Manager: updated and enhanced update management
Azure Update Manager offers a SaaS solution to manage and govern software updates on Windows and Linux machines in Azure environments, on-premises e multi cloud. This is an evolution of the Azure Automation update management solution with new features. Azure Update Manager has been redesigned to provide new capabilities without relying on the Log Analytics agent or Azure Monitor agent. It relies on the Microsoft Azure VM agent to manage update flows on Azure VMs and on the Azure Connected Machine agent to manage Azure Arc-enabled servers.
Azure Cost Management
Export Cost Management data to firewall-protected storage accounts
You can now export Cost Management data to firewall-protected Azure storage accounts. Users can use the Exports API or the Azure portal to create recurring tasks to automatically export cost data to CSV format. This can be scheduled on a daily basis, weekly or monthly, and the exported data can be used for creating dashboards or integrating with financial systems.
Updates related toMicrosoft Cost Management
Microsoft is constantly looking for new methodologies to improve Microsoft Cost Management, the solution to provide greater visibility into where costs are accumulating in the cloud, identify and prevent incorrect spending patterns and optimize costs . Inthis article some of the latest improvements and updates regarding this solution are reported.
Microsoft Defender for Cloud
Malware scanning in Defender for Storage
Defender for Storage introduces malware scanning functionality, overcoming traditional malware protection challenges and providing an ideal solution for highly regulated industries. This function, available as an add-on, represents a significant enhancement of Microsoft Defender for Storage security solutions. With malware scanning you get the following benefits.
- Protection, in near real time, without agent: ability to intercept advanced malware such as polymorphic and metamorphic ones.
- Cost Optimization: thanks to flexible pricing, you can control costs based on the amount of data examined and with resource-level granularity.
- Enablement at scale: without the need for maintenance, supports automated responses at scale and offers several options for activation via tools and platforms such as Azure policy, Bicep, ARM, Terraform, REST API and the Azure portal.
- Application versatility: based on feedback from beta users over the last two years, Malware scanning has proven useful in a variety of scenarios, as web applications, content protection, compliance, integrations with third parties, collaborative platforms, data streams and datasets for machine learning (ML).
GitHub Advanced Security per Azure DevOps
It is now possible to view GitHub Advanced Security for Azure DevOps alerts (GHAzDO) related to CodeQL, secrets and dependencies, directly in Defender for Cloud. The results will appear in the DevOps section and Recommendations. To see these results, you need to integrate your GHAzDO-enabled repositories into Defender for Cloud.
New features, bug fixes and deprecated features of Microsoft Defender for Cloud
Microsoft Defender for Cloud development is constantly evolving and improvements are being made on an ongoing basis. To stay up to date on the latest developments, Microsoft updates this page, this provides information about new features, bug fixes and deprecated features. To find out about the main innovations that characterized Defender for Cloud in the summer 2023, outlining how these innovations can represent added value for companies, you can consult this article.
Cross Region Restore (CRR) for Recovery Services Agent (MARS)
Following the General Availability of Cross Region Recovery for VM backups, SQL and SAP HANA and to strengthen the resilience pillar, Microsoft has announced Cross Region Recovery support for the Recovery Services Agent (MARS) using Azure Backup.
Azure customers leverage Recovery Services Agent to back up their files/folders and system state to an Azure Recovery Services Vault. Backup data in the primary region can also be geo-replicated to a secondary region paired with Azure to ensure durability. Previously, data replicated in the secondary region was available for recovery in the secondary region only if Azure declared a disaster in the primary region. With the introduction of this new support, Customers can enable recovery of Recovery Services Agent backups in the secondary region at any time.
This capability can be leveraged in the following scenarios:
- when the primary region is available to test restores from backup data in the secondary region for audit/compliance purposes;
- when the primary region is not available, customers can trigger recovery of data backed up in the secondary region even if the primary Azure region is partially unavailable or completely unavailable without any waiting time.
Saving the Azure Backup Recovery Services Agent passphrase (MARS) in Azure Key Vault (preview)
Data security is a priority for Microsoft, and with the new preview feature that allows you to save the Recovery Services Agent encryption passphrase directly in Azure Key Vault, users can now enjoy an even greater level of security. This integration makes the Recovery Services Agent installation smoother and more secure, eliminating the need for custom scripts.
Azure Files Backup in China regions
Azure Files Backup is now generally available in China regions. This feature allows users to back up their files to Azure securely and reliably.
New Azure Migrate releases and features
Azure Migrate is the service in Azure that includes a large portfolio of tools that you can use, through a guided experience, to address effectively the most common migration scenarios. To stay up-to-date on the latest developments in the solution, please consult this page, that provides information about new releases and features.
Evaluation of Azure
To test for free and evaluate the services provided by Azure you can access this page.