Category Archives: Log Analytics

Azure management services and System Center: What's New in November 2019

In November, accomplice also the Microsoft Ignite conference 2019, Microsoft has unveiled a number of new features regarding Azure management services and System Center. Our community, through these articles that are released on a monthly basis, want to provide an overview of the main news of the month, in order to stay up to date on these arguments and have the necessary references for further information.

Azure Log Analytics

New version of the agent for Linux systems

This month, the new version of the Log Analytics agent for Linux systems introduces improvements regarding the installation process, performance and resolution of issues in the use of custom logs. For more information about this, you can access theGitHub official page.

Azure Site Recovery

New Update Rollup

For Azure Site Recovery was released theUpdate Rollup 42 that solves several issues and introduces some improvements. The details and the procedure to follow for the installation can be found in the specific KB.

Improvements in resource clean-up

In Azure Site Recovery, the replication scenario of VMs between different Azure regions, the improvements were introduced regarding the clean up of the virtual machines and the related deallocated NIC (failed back), when the primary site is restored as a result of a failback process. In this way are easier the necessary operations to rehabilitate the protection. In addition, if you disable replication after a failback, Site Recovery also cleans up disks in the secondary region, as well as the VMs and their NIC.

Azure Backup

New features to protect SQL Server

In Azure backup the following new features regarding SQL Server protection was made available:

  • Native Protection of SQL Server 2019 on virtual machines Windows Server 2019 in Azure.
  • Protection of SQL Server 2008 and 2008 R2 for systems migrated to Azure.
  • Ability to make “Restore as Files”, that enables you to recover protected data as files .bak. This feature allows you to move files anywhere (different subscriptions, regions and on-premises) introducing more flexibility in performing restore operations.

SAP HANA backup

In Azure Backup, SAP HANA DB protection on virtual machines is available in the UK South region, all in an integrated way and without having to provide a specific backup infrastructure. This solution is officially certified BackInt from SAP.

System Center Updates Publisher

New version

A new version of System Center Updates Publisher (SCUP) has been released and is available to this link.

Microsoft Endpoint Manager

New brand for Configuration Manager

Microsoft Endpoint Manager is the name assigned to the Microsoft solution for the integrated management of all devices. Microsoft has decided to unify Configuration Manager and Intune, without having to deal with complex migrations and simplifying licensing. With this approach, Microsoft helps you take advantage of your investments in Configuration Manager and take advantage of the benefits and capabilities of the Microsoft cloud.

The Microsoft Endpoint Manager brand includes the following Microsoft management solutions:

New version for Configuration Manager Technical Preview Branch

For Configuration Manager was released the update 1911 (Technical Preview Branch) that among the main innovations officializes that Configuration Manager is now part of Microsoft Endpoint Manager.

To verify the details about what's new in this update you can see this document.

Please note that the Technical Preview Branch releases help you to evaluate new features of SCCM and it is recommended to apply these updates only in test environments.

Desktop Analytics is now available

The Desktop Analytics solution is publicly available. It is a tool that can provide useful information and provide the automations necessary to keep the Windows machines up-to-date. The possible integration of Desktop Analytics with System Center Configuration Manager, adds the value given by the cloud solution to the local infrastructure.

Evaluation of Azure and System Center

To test for free and evaluate the services provided by Azure you can access this page, while to try the various System Center components you must access theEvaluation Center and, after registering, you can start the trial period.

Azure management services and System Center: What's New in October 2019

In October were announced, by Microsoft, a considerable number of news regarding the Azure management services and System Center. Our community, through these articles that are released on a monthly basis, want to provide an overview of the main news of the month, in order to stay up to date on these arguments and have the necessary references for further information.

Azure Log Analytics

Availability in new regions

Azure Log Analytics is now available in the new regions “Switzerland North, Switzerland”, to allow you to collect log and perform related trend analysis on the use of resources.

New option for the pricing model

For Azure Monitor Log Analytics is available from November 1 2019 a new pricing model, allowing you to pay a fixed fee for data ingestion, based on the capacity of the selected tier. The tier start at 100 GB per day and allow you to get a saving of up to 25%, compared to the Pay-As-You-Go cost.

New version of the agent for Linux systems

This month the new agent version of Log Analytics introduces enhancements for Linux systems in particular concerning the installation process and performance. For more information about this, you can access theGitHub official page.

Retention configurable by data type

Azure Monitor Log Analytics introduces the ability to configure data retention, that is, the retention period of the data, for each type of data, instead of having a single retention setting for the entire workspace. The configuration at the time must be made through ARM commands. This new possibility allows for greater flexibility and savings in retention costs from the collated data from October (release date of this functionality). For more details please visit the Microsoft's official documentation.

Changing the saving of data in Service Map in Log Analytics

Data for Service Map, until now saved in custom log tables ServiceMapComputer_CL and ServiceMapProcess_CL will be moved to specific Log Analytics data types. These new tables will be called VMComputer and VMProcess, Inl.

Azure Site Recovery

New Update Rollup

For Azure Site Recovery was released theUpdate Rollup 41 that solves several issues and introduces some improvements. The details and the procedure to follow for the installation can be found in the specific KB.

Update for Windows servicing stack and SHA-2

For the Azure Site Recovery Mobility agent was issued a specific update required to enable Windows servicing stack and SHA-2 support.

Availability in new regions

Azure Site Recovery is now available in “Norway East, North Dakota” and “Norway West, North Dakota”. To check the availability of the service in all the Azure regions you can consult this document.

Azure Backup

Support for disks up to 32 TB

Support for large Managed disks has been announced for Azure Backup, up to 32 TB. For further information you can consultthis article.

System Center Configuration Manager

New releases for the Technical Preview Branch

For Configuration Manager was released the update 1910 that one of the main innovations is the ability to deploy and manage Microsoft Edge. With this integration, you can also easily manage the deployment of new versions of Microsoft Edge from the beta channel (updated every 6 weeks) and the Dev channel (updated weekly).

To check the details of what's included in these updates, you can see this document.

Please note that the Technical Preview Branch releases help you to evaluate new features of SCCM and it is recommended to apply these updates only in test environments.

Evaluation of Azure and System Center

To test and evaluate free of charge the service offered by Azure you can access this page, while to try out the various components of System Center you must Access to theEvaluation Center and, after registering, you can start the trial period.

Azure management services and System Center: What's New in August 2019

Microsoft constantly releases news regarding the Azure management services and System Center. Our community publishes this monthly summary to provide an overview of the top news released in the last month. This allows you to stay up-to-date on these topics and have the necessary references to conduct further investigations.

Azure Site Recovery

New Update Rollup

For Azure Site Recovery was released theUpdate Rollup 39 that solves several issues and introduces some improvements. The details and the procedure to follow for the installation can be found in the specific KB.

Availability in new regions

Azure Site Recovery is now available in these new regions: West India, UAE Central, UAE North, South Africa North, and South Africa West.

Disaster recovery of Azure Disk Encryption-enabled virtual machines

Azure Site Recovery introduced support for virtual machines with disks that use Azure Disk Encryption without using Azure Active Directory app. This feature is currently only supported for Windows virtual machines that use managed disks. Soon will be introduced the support for Linux virtual machines, using managed disks.

Monitor in Log Analytics

The ability to send diagnostic logs to a Log Analytics workspace has been introduced to the Site Recovery vault. These logs are generated in addition to virtual machines in Azure, also from VMware virtual machines and physical systems protected by Azure Site Recovery.

Azure Backup

Availability in new regions

Azure Backup can now also be used in these new regions: West India, UAE Central, UAE North, South Africa North, and South Africa West.

Support for disks up to 30 TB

For Azure Backup has been announced support, currently in limited public preview, for large Managed disks, up to 30TB. For further information you can consult this article.

Soft Delete for protected virtual machines

In order to increase the protection of the backups made by Azure Backup, was introduced the soft delete for IaaS virtual machines. This allows you to have a higher level of protection from accidental or malicious deletions of IaaS VMs backups.

System Center Configuration Manager

New releases for the Technical Preview Branch

For Configuration Manager was released the update 1908 that among the main innovations there is the ability to activate the’High Performance Power Plan during the execution of the task sequence, for performance benefits.

In addition, it was released the update 1908.02 that includes the integration with Teams messaging in the Configuration Manager console.

To check the details of what's included in these updates, you can see this document for update 1908 and this document for update 1908.02.

Please note that the Technical Preview Branch releases help you to evaluate new features of SCCM and it is recommended to apply these updates only in test environments.

Evaluation of Azure and System Center

To test and evaluate free of charge the service offered by Azure you can access this page, while to try out the various components of System Center you must Access to theEvaluation Center and, after registering, you can start the trial period.

Azure management services and System Center: What's New in July 2019

Microsoft announces constantly news about Azure management services and System Center. As usual our community releases this monthly summary that provides a general overview of the main new features of the month, in order to stay up to date on these topics and have the necessary references to conduct further exploration.

Azure Log Analytics

Availability in new regions
Azure Log Analytics is now also possible to activate it in these new regions: South Africa North, Brazil South, UK West and North Central US.

New search capabilities in Azure Monitor Log

Azure Log Monitor has introduced the ability to check the logs directly on specific Azure resources, thereby allowing you the ability to filter it more easily on the resource. The logs are also aggregated from all workspaces that contain logs associated with that specific resource.

What's new in the interface

In July there have been several innovations in the interface of Log Analytics, described in detail in this article.

Azure Automation

Azure Update Management: non-targeted in Azure

In Azure Update Management it was introduced the feature that allows dynamic targeting, with systems not in Azure environment, for deployments of patches. The machines not in the Azure environment can be dynamically added to the patch distributions based on the criteria specified in a saved search in Log Analytics.

Azure Site Recovery

Added support for disks of size up to 8 TB

In Azure Site Recovery you can now protect data disks of size up to 8 TB. This functionality is available for all virtual machines with Azure managed disks and also for all the on-premises machines that are replicated on managed disks.

System Center Configuration Manager

New release for the Technical Preview Branch

For Configuration Manager was released the update 1907 that among the main innovations provides the ability to search in the Task Sequence Editor, useful when you have a particularly complex Task Sequence.

To verify the details about what's new in this update you can see this document.

Please note that the Technical Preview Branch releases help you to evaluate new features of SCCM and it is recommended to apply these updates only in test environments.

Desktop Analytics available in Public Preview

The solution Desktop Analytics is available in public preview. It is a tool that can provide useful information and provide the automation necessary to keep update your Windows machines. The possible integration of Desktop Analytics with System Center Configuration Manager, adds the value given by the cloud solution to the local infrastructure.

Released version 1906 for the Current Branch

There are many new features in this release designed to enrich and improve different features of the solution. The main innovation is the integration with Desktop Analytics. To get the complete list of new features introduced with this build, you can consultthis official document. The transition to version 1906 can be done by following theinstallation checklist, at the end of which it is appropriate to continue with theChecklist post-update.

Evaluation of Azure and System Center

To test and evaluate free of charge the service offered by Azure you can access this page, while to try out the various components of System Center you must Access to theEvaluation Center and, after registering, you can start the trial period.

Azure management services and System Center: What's New in June 2019

In June have been announced, by Microsoft, a considerable number of news regarding the Azure management services and System Center. From our community, through these articles released monthly, aims to provide a general overview of the main new features of the month, in order to stay up to date on these issues and have the necessary references for further information.

Azure Log Analytics

Azure VMBoundPort Monitor

In Azure Monitor was announced the availability, in all the regions supported by Log Analytics, to consult theVMBoundPort data setVMBoundPort contains information about all ports that accept incoming traffic and that can potentially accept it. This is a very useful feature, to analyze what ports are open and which are active, to carry out analysis of security or for troubleshooting.

New region supported for Azure Monitor for VMs

Azure Monitor for VMs, the service that allows you to analyze the performance and health of both Windows and Linux VMs, by monitoring their processes and ralative dependencies with other resources, is now also available in the region of West US 2. They become so seven Azure regions that currently support Azure Monitor for VMs.

Availability in new regions
Azure Log Analytics is now also possible to activate it in these new regions: South Africa North, Brazil South, UK West and North Central US.

Advanced Data Security available for SQL Server VMs in Azure

Advanced data security is available in preview for SQL Server on Azure VMs. This feature allows you to protect your SQL Server installations made on board of Azure virtual machines. This service currently includes the capabilities necessary to identify and mitigate potential vulnerabilities on databases and detects unusual activity that may indicate the presence of a security threat on the server.

Updates to the User Interface in Azure Monitor Log Analytics

During the month, some elements of the Azure Monitor Log Analytics underwent a change, For more details you can refer this document.

New version of the agent for Linux systems

This month the new agent version of Log Analytics for Linux systems introduces improvements relating in particular to the installation process and performance. To get more information about it you can access the GitHub official page.

Azure Site Recovery

New Update Rollup

For Azure Site Recovery was releasedUpdate Rollup 37 solving different problems and introduces some improvements. The details and the procedure to be followed for the installation can be found in the specific KB 4508614.

Data replication of new disk added

Azure Site Recovery introduced the ability to enable replication of data disks, only if managed type, that are added to a Azure VM, that has already enabled the ability to make disaster recovery.

New support limits for the Mobility service for DR scenarios of VMware VMs and physical servers

Azure Site Recovery is now able to support up to five GPT partitions on UEFI, when you use the Mobility service for disaster recovery scenarios of VMware VMs and physical servers.

Using an existing automation account for automatic updates of Mobility service

When you set up automatic updates of the Azure Site Recovery Mobility service extension running on Azure VMs enabled for disaster recovery scenarios, introduced the ability to select an existing automation account to use, instead of using the default created by Site Recovery.

Azure Backup

Support for SQL Server 2008 and 2008 R2 on VMs in Azure

The 9 July 2019 officially ends support for SQL Server 2008 and 2008 R2 and thanks to the Microsoft approach, which guarantees other 3 years of security updates if migrated to Azure environment, many customers are proceeding with its migration. In the event you choose to move the SQL Server on-premises, in a VM in Azure environment, is appropriate to manage the backup and for this reason, Microsoft has decided to introduce in Azure Backup the support (at the time public preview) of SQL Server 2008 and SQL Server 2008 R2 from Windows 2008 R2 SP1.

System Center Configuration Manager

New release for the Technical Preview Branch

For Configuration Manager was released the update 1906 that among the main innovations provides the ability to specify a user category as a filter in the applications that are on the Software Center page.

To verify the details about what's new in this update you can see this document.

Please note that the releases in Technical Preview Branch help you to evaluate the new features of SCCM and it is recommended to apply these updates only in test environments.

System Center Updates Publisher

Announced the availability of System Center Updates Publisher preview (SCUP) June 2019.

Evaluation of Azure and System Center

To test and evaluate free of charge the service offered by Azure you can access this page, while to try out the various components of System Center you must Access to theEvaluation Center and, after registering, you can start the trial period.

Azure management services and System Center: What's New in May 2019

To stay up to date on news about Azure management services and System Center, our community releases this monthly summary, allowing you to have an overview of the main new features of the month. In this article you will find the news, presented in a synthetic way and accompanied with the necessary references to be able to conduct further studies.

Azure Log Analytics

New version Agent for Linux systems

This month the new agent version of Log Analytics for Linux systems introduces improvements concerning the stability and reliability. For more information about this, you can access the GitHub official page.

Availability in new regions

The availability of Azure Log Analytics has been extended for another five new regions: Central US, East US 2, East Asia, West US and South Central US.

Azure Site Recovery

Improvements in the monitor of VMware and physical systems

In the replication scenario of VMware systems and physical machines , the role Process Server acts as replication gateway, then receives replication data, performs an optimization through caching and compression mechanisms, provides encryption and sends them to the storage in the Azure environment. This role is also responsible to make the discovery of virtual machines on VMware systems. There are several factors that may impact on the smooth functioning of this component: high data change rate (churn), network connectivity, bandwidth availability, undersizing of the computing capacity required. In ASR were added different States of health that facilitate troubleshooting for this component. For each alert is also proposed corrective action deemed necessary, in order to better manage this role, essential for the proper functioning of the replication process.

Azure Backup

Network Security Group service tags for Azure Backup

Microsoft announced the ability to use within the Network Security Groups (NSGs) the service tag for Azure Backup. Using the tag AzureBackup it is possible to allow in the NSG outbound access to the Azure Backup service, so you can protect your workloads (Sql Server) on board of the virtual machines, instead of having to manage a whithelist that contains the IP addresses of the service. This is useful, in addition in the presence of the SQL Server workloads to be protected, also to make VM backup via MARS agent.

System Center Configuration Manager

New release for the Technical Preview Branch

For Configuration Manager was released the update 1905 that among the main innovations provides the ability to create application groups to be sent to collection of users or devices into a single deployment. The applications in the group can be installed with a specific order and the group will be displayed in Software Center as a single entity (suite of products).

To verify the details about what's new in this update you can see this document.

Please note that the Technical Preview Branch releases help you to evaluate new features of SCCM and it is recommended to apply these updates only in test environments.

Evaluation of Azure and System Center

To test and evaluate free of charge the services offered by Azure you can access this page, while to try the various System Center components you must access theEvaluation Center and, after registering, you can start the trial period.

Azure management services and System Center: What's New in April 2019

Microsoft announces constantly news about Azure management services and System Center. Our community releases on a monthly basis this summary that provides a general overview of the main new features of the current month, in order to stay up to date on these news and have the necessary references to conduct further study.

Azure Log Analytics

Agent

This month the new version ofLog Analytics agent for Linux systems fixes important bugs and improves stability. To obtain the updated version of the Log Analytics agent you can access to the GitHub official page.

Figure 1 – News of the new release of Log Analytics agent

Availability in new regions

The availability of Azure Log Analytics has been extended into three new regions: France Central, Korea Central, and North Europe. Furthermore, it can be activated in preview in the following regions: Central US, East US 2, East Asia, West US and South Central US.

Azure Automation

New features in Azure Update Management

Azure Management Update added the option to have as a target of patch deployment groups of virtual machines, generated by queries that rely on native Azure concepts (such as resource group, location, and tags). The virtual machines can be added dynamically to existing patch deployment based on defined criteria.

System Center Configuration Manager

End of support for SCCM 2007 and FEP 2010

Please note that the support for System Center Configuration Manager 2007 and Forefront Endpoint Protection (FEP) 2010 end on 9 July 2019. After this date will be discontinued by Microsoft: updates (security and non), assisted support and for FEP Microsoft will no longer releases antivirus signatures and engine updates. For those who are using these products it is time to consider switching to the latest version of SCCM.

New releases for the Technical Preview Branch

Released version 1903

For Configuration Manager was released the update 1903 and among other changes was the ability to use a new tool for cost estimates for the deployment of cloud management gateway.

Figure 2 – SCCM Clooud Cost Estimator

For full details of what's new in this release you can consult this document.

Released version 1904

For Configuration Manager was also released the update 1904 which includes new dashboards to identify the devices ready to be upgraded to Office 365 ProPlus.

To verify the details about what's new in this update you can see this document.

Please note that the Technical Preview Branch releases help you to evaluate new features of SCCM and it is recommended to apply these updates only in test environments.

System Center Operations Manager

Support for Windows Server 2012 and for SCOM 2019

After the release of SCOM 2019, Microsoft has decided to change the support statement to allow even the monitor of systems Windows Server 2012. To see the full list of System requirements for System Center Operations Manager 2019 you can consult this document.

Evaluation of Azure and System Center

To test and evaluate free of charge the services offered by Azure you can access this page, while to try the various System Center components you must access theEvaluation Center and, after registering, you can start the trial period.

Security in the cloud with Azure Sentinel solution

Microsoft recently announced a new cloud solution called Azure Sentinel. It is a service that aims to expand the capabilities and potential of the products SIEM (Security Information and Event Management) traditional, going to use the power of the cloud and artificial intelligence to be able to quickly identify and manage security threats affecting your infrastructure. This article lists the main features of the solution.

Azure Sentinel is a solution that allows real-time analysis of security events and information generated within their own hybrid infrastructure, from server, applications, devices and users. It is a cloud-based service, it follows that one can easily scale and have high-speed processing of information, without the need to implement and manage a dedicated infrastructure, to intercept potential security threats.

Azure Sentinel service can be activated directly from the Azure Portal:

Figure 1 - Creation of service Azure Sentinel

Operating principles of Azure Sentinel

Collect data within the infrastructure

Azure Sentinel leans to Azure Monitor that, using the proven and scalable repository of Log Analytics, is able to accommodate a high volume of data, which it is possible to process them effectively thanks to an engine that ensures high performance.

Figure 2 - Adding Azure Sentinel to an existing Log Analytics workspace

With Azure Sentinel you can aggregate different security data from many sources, using the appropriate connectors embedded in the solution. Azure Sentinel is able to connect, in addition to the different platform solutions, even the most widespread and popular network solutions of third-party vendors, including Palo Alto Networks, F5, Symantec, Fortinet and Check Point. Azure Sentinel also has a native integration with logs that meet the standard formats, as common event and syslog.

Figure 3 -Data Connectors

Using this solution, you also have the ability to easily import data from Microsoft Office 365 and combine them with other security data, in order to get a detailed analysis of your environment and have visibility into the entire sequence of an attack.

Figure 4 – Office 365 Connector

Azure Sentinel also integrates with’Microsoft Graph Security API, which allows you to import your own threat intelligence feeds and customize detection rules of potential security incidents and notification.

Analyze and quickly identify the threats by using artificial intelligence

Azure Sentinel uses scalable machine learning algorithms, able to correlate a high amount of security data, to present to the analyst only potential security incidents, all with a high level of reliability. Thanks to this mechanism Azure Sentinel differs from other SIEM solutions, adopting traditional correlation engines, drastically reducing noise and consequently the effort for the analysis required in detecting threats.

Figure 5 – Azure Sentinel Overview

After enabling the Data Collectors required, you will begin to receive data in the workspace of Log Analytics and setting up ofAlert Rules, it can generateCases to report potential security threats. For more details on how to detect threats with Azure Sentinel, see the Microsoft's official documentation.

Investigate suspicious security activities

The data processed by the solution can be found using the dashboards, customizable to suit your needs. Dashboards allow you to conduct investigations by reducing the time needed to understand the scope of an attack and its impact.

Figure 6 – Dashboards available in Azure Sentinel

Figure 7 – Azure Network Watcher dashboard

If security threats are detected, against the Alert Rules set, it is generated a Case, for which you can set the severity, the status and its assignment.

Figure 8 – Cases

Using the console, you can proceed with the investigation of the case:

Figure 9 – Case Investigation

In the same dashboard you can also perform actions. Proactive research activities of suspicious transactions are a fundamental aspect for security analysts, that with Azure Sentinel can be made through two specific features that allow you to automate the analysis: search query (hunting queries) and Azure Notebooks (based on notebook Jupyter), that are constantly updated.

Figure 10 – Hunting queries

Figure 11 -Example of an Azure Notebook

Automate common tasks and response to threats

Azure Sentinel provides the ability to automate and orchestrate the response to common problems, so you don't have to manually perform repetitive tasks. By means of predefined and customizable playbooks you can quickly respond to security threats.

Figure 12 – Alert playbooks

Figure 13 – Logic Apps Designer

Microsoft also announced that more defense and investigation tools will be integrated in the solution increased.

Conclusions

Azure Sentinel is a complete solution that provides native SIEM in the cloud and introduces significant benefits over traditional SIEM solutions, which require to sustain high costs for the maintenance of the infrastructure and for data processing. Azure Sentinel enables customers to simplify the tasks required to maintain high security in the infrastructure and to scale gradually to suit your needs, providing a wide integration with third party solutions.

Azure management services and System Center: What's New in March 2019

In March there have been several news announced by Microsoft on the Azure management services and System Center. In this summary, that we report on a monthly basis, there are listed all the main news, accompanied by the necessary references to be able to conduct further studies.

Azure Monitor

Availability in Central Canada and UK South

The new service that allows you to monitor the virtual machines, called Azure Monitor for VMsis also available in Central Canada and UK South.

Azure Log Analytics

Availability in new regions

Azure Log Analytics is now available in the regions of Azure China, Australia East and Central Australia. It is also available in Public Preview in the following regions: France Central, Korea Central and North Europe.

Azure Site Recovery

Support for storage accounts protected with firewall rules

In Azure Site Recovery was introduced support for storage accounts that are configured with firewall rules for the Virtual Networks, in replication scenarios from VMware or physical systems to Azure.

Support for managed disks in replication scenarios with VMWare and physical systems

Azure Site Recovery now supports disaster recovery of VMware virtual machines and physical systems, replicating directly towards the managed disks. This avoids creating and managing different storage accounts target for the replica of these systems. The on-premises data are sended to a cache storage account in the target region and written in managed disk by Site Recovery.

New Update Rollup

For Azure Site Recovery was released theUpdate Rollup 35 which it addresses several issues and introduces some improvements. The details and the procedure to follow for the installation can be found in the specific KB 4494485.

Azure Backup

In Azure Backup was officially released the functionality to back up the SQL Server installed in Azure IaaS virtual machines.

Figure 1 – Azure Backup Features for SQL Server in Azure VMs

Among the benefits of this solution there are:

  • Recovery Point Objective (RPO) of 15 minutes
  • Point-in-time restores: to make easy and rapid the recovery operations of the DBs.
  • Long-term retention: ability to keep backups for years.
  • Protection of encrypted databases: chance to make the backup of encrypted SQL databases and safely keep via an encryption at rest integrated into the solution. All backup and restore operations are managed by role-based access control mechanism.
  • Auto-protection: is handled automatically the detection and the protection of new databases.
  • Management and monitoring: allows to carry out a centralized management and monitoring the protection status of the systems.
  • Cost savings: are not required infrastructure costs and allows to easily scale to meet your needs.

System Center

Released System Center 2019

The main novelty regarding System Center is the release in general availability of the major release of System Center 2019. This is the release belonging to the long term servicing channel (LTSC) that will be supported for 10 years and that introduces full support for Windows Server 2019.

Starting from this release, Microsoft has decided to change the System Center product release policies. There will be no more releases in the Semi-Annual Channel (SAC) and new features, before the next release Long-Term Servicing Channel (LTSC), can be obtained via Update Rollup.

System Center 2019 supports upgrade from the two recent Semi-Annual Channel releases (SAC), System Center 1801 and System Center 1807 as well as System Center 2016.

Customers who have a valid license of System Center 2019 can download it from the Volume Licensing Service Center (VLSC).

Among the main features of System Center 2019 we find:

Virtual Machine Manager

  • Integration in VMM with Azure Update Management simplifies patching of virtual machines
  • Dynamic Storage Optimization in VMM enables higher availability of workloads
  • VMM now provides health and operational status of storage disks in Hyper Converged as well as disaggregated deployment
  • New RBAC role in VMM ensures that IT admins can be provided access commensurate with their role and no more
  • Support for latest versions of VMware in VMM (to enable migration to Hyper-V)

Operations Manager

  • SCOM supports integration with Azure services – Dependency Map (Service Map) provides comprehensive visibility of dependencies across servers along with health.
  • Azure Management Pack integrates alerts and performance metrics for Azure resources in SCOM
  • Along with modernized and extensible SCOM web console, subscriptions and notifications are now modernized with support for HTML based email
  • Maintenance schedules in SCOM with SQL server AlwaysOn
  • Update and recommendations for Linux workloads enables discovery of up-to-date MPs for Linux environments
  • Linux monitoring is now resilient to SCOM management server failover
  • All Windows Server Management Packs now support Windows Server 2019

Data Protection Manager

  • Faster backups with DPM with a 75% increase in speed and a monitoring experience for key backup parameters via Log Analytics.
  • DPM further supports backup of VMWare VMs including to tape

More news

  • Orchestrator supports PowerShellv4 +
  • Service Manager has an enhanced AD connector
  • Support for service logon across the System Center suite aligning with security best practices

More information about it can be consulted in the article System Center 2019 is now in general availability.

System Center Configuration Manager

Released version 1902 for the Current Branch

There are many new features in this release designed to enrich and improve different features of the solution. To get the complete list of new features introduced with this build, you can consult this official document. The transition to version 1902 can be done by following the installation checklist, at the end of which it is appropriate to continue with the Checklist post-update.

System Center Operations Manager

Management Packs

Following, are reported the news about the SCOM Management Packs:

  • System Center Management Pack for Message Queuing version 7.1.10242.0
  • System Center Management Pack for Microsoft Azure Stack version 1.0.3.11
  • System Center Management Pack for SharePoint Server 2019 version 16.0.11426.3000

Evaluation of Azure and System Center

To test and evaluate free of charge the services offered by Azure you can access this page, while to try the various System Center components you must access theEvaluation Center and, after registering, you can start the trial period.

Azure management services and System Center: What's New in February 2019

The month of February was full of news and there are different updates that affected the Azure management services and System Center. This article summarizes to have a comprehensive overview of the main news of the month, in order to stay up to date on these topics and have the necessary references to conduct further exploration.

Azure Monitor

Multi-resource support for metric alerts

With this new feature, you can configure a single metric alert rule to monitor:

  • A list of virtual machines in an Azure region.
  • All virtual machines in one or more resource groups in an Azure region.
  • All virtual machines of a subscription, present in a given Azure region.

Azure Automation

The runbook Update Azure Modules is open source

Azure Automation allows you to update the Azure PowerShell modules imported into an automation account with the latest versions available in the PowerShell Gallery. This possibility is provided through the actionUpdate Azure Moduleson the page Modules of the Automation Account, and is implemented through a hidden runbook. In order to improve diagnostics and troubleshooting activity and provide the ability to customize the module, this has been made open source.

Support for the Azure PowerShell module Az

Azure Automation introduces support for the PowerShell module Az, thanks to which you can use the updated Azure modules within runbooks, to manage the various Azure services.

Azure Log Analytics

New version of the agent for Linux

This month the new OMS Agent version for Linux systems solves a specific bug during installation. To obtain the updated OMS agent version you can access at the GitHub official page.

Availability in new region of Azure

It is possible to activate a Log Analytics workspace also in the Azure regions of West US 2, Australia East and Central Australia. In this way the data is kept and processed in this regions.

Azure Site Recovery

New Update Rollup

For Azure Site Recovery was released theUpdate Rollup 33 introducing new versions of the following components:

  • Microsoft Azure Site Recovery Unified Setup (version 9.22.5109.1): used for replication scenarios from VMware to Azure.
  • Microsoft Azure Site Recovery Provider (version 5.1.3900.0): used for replication scenarios from Hyper-V to Azure or to a secondary site.
  • Microsoft Azure Recovery Services Agent (version 2.0.9155.0): used for replication scenarios from Hyper-V to Azure.

The installation of this update rollup is possible on all systems running Microsoft Azure Site Recovery Service providers, by including:

  • Microsoft Azure Site Recovery Provider for System Center Virtual Machine Manager (3.3.x. x).
  • Microsoft Azure Site Recovery Hyper-V Provider (4.6.x. x).
  • Microsoft Azure Site Recovery Provider (5.1.3500.0) and later.

The Update Rollup 33 for Microsoft Azure Site Recovery Unified Setup applies to all systems that have installed the version 9.17.4860.1 or later.

For more information on the issues resolved, on improvements from this Update Rollup and to get the procedure for its installation is possible to consult thespecific KB 4489582.

Protection of Storage Space Direct cluster

In Azure Site Recovery (ASR) is introduced, with the Update Rollup 33, also the support for the protection of Storage Space Direct cluster, used to realize Guest Cluster in Azure environment.

Azure Backup

In Azure Backup has been released the feature of Instant Restorefor the virtual machines in Azure, that allows using the stored snapshots for the VMs recovery. Also it is given the option to configure the time of retention for the snapshots in the backup policy (from one to five days, the default is two days). This increases control over the protection of the resources, adapting it to specific requirements and depending on the criticality of the same.

Figure 1 – Retention period of the snapshot

System Center Configuration Manager

Released versions 1902 and 1902.2 for the Technical Preview Branch

Among the main new features of this release is included the ability to manage more effectively the restart notifications on systems managed by Configuration Manager.

For full details of what's new in this release you can consult this document. Please note that the Technical Preview Branch releases help you to evaluate new features of SCCM and it is recommended to apply these updates only in test environments.

System Center Operations Manager

Management Packs

Following, are reported the news about the SCOM Management Packs:

  • Microsoft System Center 2016 Management Pack for Microsoft Azure version 1.6.0.7
  • Microsoft System Center Management Pack for SQL Server 2017+ Reporting Services version 7.0.12.0
  • Log Analytics Management Pack forSCOM 1801 version7.3.13288.0 and SCOM 2016 version7.2.12074.0
  • System Center Management Pack for Windows DNS Server version 10.0.9.3

Evaluation of Azure and System Center

To test and evaluate free of charge the services offered by Azure you can access this page, while to try the various System Center components you must access theEvaluation Center and, after registering, you can start the trial period.