Category Archives: What's New

Azure Management services: What's new in May 2021

To stay constantly updated on news regarding Azure Management services, this summary is released monthly, allowing you to have an overview of the main new features of the month. In this article you will find the news, presented in a synthetic way and accompanied with the necessary references to be able to conduct further studies.

The following diagram shows the different areas related to management, which are covered in this series of articles, in order to stay up to date on these topics and to better deploy and maintain applications and resources.

Figure 1 – Management services in Azure overview

Monitor

Azure Monitor

Log Analytics workspace insights

Microsoft has announced the availability of Log Analytics workspace insights which allows you to obtain detailed information on the Log Analytics workspaces, providing a comprehensive overview of the following aspects: use, performance, integrity, agents, query e change logs.

These are the main questions to which the solution can provide an answer:

  • What are the main tables, those where most of the data is imported?
  • Which resource sends the most logs to the workspace?
  • How long does it take for the logs to reach the workspace?
  • How many agents are connected to the work area? How many are in a health state?
  • Query control: how many queries run in the workspace? What are their response codes and duration time? What are the slow and inefficient queries that require workspace overhead?
  • Who has set a daily limit? When data retention has changed?
    • Useful for keeping a log of changes in workspace settings.

Export of Azure Monitor logs to multiple destinations (preview)

You now have the option to create up to 10 data export rules in each Log Analytics workspace, having the flexibility to decide which tables to export and to which destination (storage accounts oppure event hubs). This configuration possibility makes it possible to address these aspects:

  • Event hub rate limit
  • Single storage account rate limit
  • Different logs can be exported to different destinations.

Updates related to the user interface(UI)

The following user interface updates have been introduced in Log Analytics(UI):

  • Consultation of custom logs: it is now possible to control and manage the table and the custom fields from a new dedicated panel, offering a new user interface that improves the experience of consulting custom logs.
  • Azure Dashboard: the parts of Log Analytics added to Azure dashboards support integration with filters.

Query packs in Azure Monitor (preview)

Query packages have been made available in Azure Monitor , which are essentially ARM objects containing several queries. Among the main features we find:

  • Being ARM objects, precise control of permissions is provided and can be distributed via code and incorporated into policies.
  • They work in all contexts and in all environments, with the ability to upload them to multiple subscriptions.
  • They allow organizations to better organize queries based on their taxonomy, thanks to the presence of new metadata.
  • The clear experience, harmonized and contextual to the environment is incorporated in Log Analytics.

Availability in new regions

Azure Monitor Log Analytics is now also available in the South India region. To check the availability of the service in all the Azure regions you can consult this document.

Secure

Azure Security Center

Integration con GitHub Actions (in public preview)

The integration of Azure Security Center (ASC) with GitHub Actions, in public preview, allows you to easily incorporate security and compliance early in the software development lifecycle. With this integrated experience, you can gain greater visibility into IT operations and IT security, both in the pipeline CI / CD, both in the security scans of container registry within ASC. Furthermore, end-to-end traceability makes it easier for developers to identify issues, improving resolution times and strengthening your cloud security posture.

Re-scanning of containers

Azure Security Center has introduced a new scan for containers that analyzes images to identify vulnerabilities before the push action occurs within the Azure container registries. In the future, ASC will also provide recommendations if you detect workflows that send Docker images without enabling scan actions CI / CD.

New features, bug fixes and deprecated features of Azure Security Center

Azure Security Center development is constantly evolving and improvements are being made on an ongoing basis. To stay up to date on the latest developments, Microsoft updates this page, this provides information about new features, bug fixes and deprecated features. In particular, this month the main news concern:

Protect

Azure Backup

Backup for Azure Blobs

Azure Blob Backup is a managed data protection solution, this helps protect block blobs from various data loss scenarios. The data is stored locally within the source storage account and can be restored from a certain time when necessary. This feature provides a simple means, safe and economical to protect blobs.

Azure Site Recovery

Enable Azure Site Recovery (ASR) when creating virtual machines

While creating new virtual machines from the Azure portal, you can now also enable the Azure Site Recovery replication process. This possibility is included in the virtual machine management options along with those already available, such as Monitoring, Identity, and Backup.

Migrate

Azure Migrate

New Azure Migrate releases and features

Azure Migrate is the service in Azure that includes a large portfolio of tools that you can use, through a guided experience, to address effectively the most common migration scenarios. To stay up-to-date on the latest developments in the solution, please consult the this page, that provides information about new releases and features. In particular, this month the main news is the migration of virtual machines and physical servers with operating system disks up to 4 TB, which is now supported using the migration method based on the presence of the agent.

Evaluation of Azure

To test for free and evaluate the services provided by Azure you can access this page.

Azure Management services: What's New in April 2021

Microsoft is constantly announcing news regarding Azure management services. This summary, released on a monthly basis, allows you to have an overall overview of the main news of the current month, in order to stay up to date on these news and have the necessary references to conduct further study.

The following diagram shows the different areas related to management, which are covered in this series of articles, in order to stay up to date on these topics and to better deploy and maintain applications and resources.

Figure 1 – Management services in Azure overview

Monitor

Azure Monitor

New agent version for Windows Systems

A new version of the Log Analytics agent has been released this month for Window systemss. The new version includes a new tool for troubleshooting and handles changes to certificates in Azure services differently.

The uniqueness of the name of the Log Analytics workspaces is now per resource group

In the past, the uniqueness of the Azure Monitor Log Analytics workspace was globally for all subscriptions. This meant that when a workspace name was used by a customer, it could not be reused by others. Microsoft has changed the way in which the uniqueness of the workspace name is requested and is now managed in the context of the resource group.

New definitions built-in of the Azure Policy for data encryption in Azure Monitor

Azure Monitor provides built-in policies for data encryption governance and control over the key used for encryption at rest. Here are the new built-in policies available for data encryption:

  • Azure Monitor logs clusters should be encrypted with customer-managed key – Audit if log analytics cluster is defined with customer-managed key.
  • Azure Monitor logs clusters should be created with infrastructure-encryption enabled (double encryption) – Audit log analytics cluster is created with Infrastructure enabled.
  • Azure Monitor logs for application insights should be linked to a log analytics workspace – Audit if application insights is linked to store data in log analytics workspace. Workspace can then be linked to a log analytics cluster for customer-managed key settings.
  • Saved-queries in Azure Monitor should be saved in customer storage account for logs encryption – Audit if workspace has linked storage account, which allows the encryption using customer-managed key.
  • Log alert queries in Azure Monitor will be saved in customer storage account, if workspace has linked storage account, which allows the encryption using customer-managed key.

Improvements for Log Alerts

Log Alerts are available in Azure Monitor that allow users to use a Log Analytics query to evaluate the resources logs at a set frequency and activate an alert based on the results obtained. Rules can trigger one or more actions using Action Groups. In this context, two new highly requested features have been released (in preview):

  • Stateful Log Alert: with this feature enabled, activated alerts are automatically resolved once the condition is no longer satisfied. In this way, the same behavior is adopted as in the alerts related to metrics.
  • Frequency of 1 minute: with this feature enabled, the alert query is evaluated every minute to verify the specified condition, thus reducing the overall time for activating a Log Alert.

Availability in new regions

Azure Monitor Log Analytics is also available in the region South India.

To check the availability of the service in all the Azure regions you can consult this document.

Container insights: support for the monitor of Kubernetes Azure Arc enabled environment (preview)

Containers insights in Azure Monitor has extended its monitor capabilities to Azure Arc Kubernetes clusters as well, providing the same monitoring capabilities present for the Azure Kubernetes service (AKS), which:

  • Visibility on the performance of the environment, through the memory and processor metrics for the controllers, nodes and containers.
  • View information collected through workbooks and in the Azure portal.
  • Alert and possibility of querying historical data for problem solving.
  • Ability to verify Prometheus metrics.

Configure

Azure Automation

Availability in new regions

Azure Automation is also available in the region South India.

Support for System Assigned Managed Identities for cloud and Hybrid job (public preview)

Azure Automation has introduced support for System Assigned Managed Identities for cloud and Hybrid jobs. Among the advantages of using Managed Identities we find:

  • The ability to authenticate to any Azure service that supports Azure AD authentication.
  • Elimination of the management overhead associated with managing Run As accounts in runbook code. This makes it possible to access resources via the Managed Identity of an Automation account from a runbook, without having to worry about creating RunAsCertificate, RunAsConnection, etc.
  • It is not necessary to renew the certificate used by the Automation Run As account.

Govern

Azure Cost Management

Updates related toAzure Cost Management and Billing

Microsoft is constantly looking for new methodologies to improve Azure Cost Management and Billing, the solution to provide greater visibility into where costs are accumulating in the cloud, identify and prevent erroneous spending patterns and optimize costs . Inthis article some of the latest improvements and updates regarding this solution are reported, including:

Secure

Azure Security Center

New features, bug fixes and deprecated features of Azure Security Center

Azure Security Center development is constantly evolving and improvements are being made on an ongoing basis. To stay up to date on the latest developments, Microsoft updates this page, this provides information about new features, bug fixes and deprecated features. In particular, this month the main news concern:

Protect

Azure Backup

Azure Dedicated Host protection support

Azure Backup has introduced support for the backup and recovery of virtual machines residing on Azure Dedicated Host, physical servers dedicated to your organization whose capacity is not shared with other customers. This feature is available in all Azure regions where Azure Dedicated Host can be activated.

Azure VM Scale sets protection with orchestration templates (preview)

Azure Backup now allows you to backup and restore Azure VM Scale sets with orchestration models, which provide a logical grouping of virtual machines managed by the platform.

Improvements in encryption using customer managed keys (preview)

Azure Backup now allows you to use your own keys to encrypt backup data residing in the Recovery Services vaults. This new feature allows you to increase the control of the encryption of your data. Furthermore, you can use the Azure Policy to control and apply encryption using keys managed directly by the customer.

Azure Site Recovery

Support for Azure Policy (preview)

The ability to use Azure Policy is now provided to enable large-scale use of Azure Site Recovery for virtual machines. After creating a disaster recovery policy for a resource group, all new virtual machines that will be added to this resource group will have Site Recovery enabled automatically. Furthermore, through a Remediation process, Site Recovery can also be enabled for all virtual machines already present in the Resource Group.

Support for cross-continental disaster recovery (for 3 region pairs)

Azure Site Recovery introduced support for cross-continental disaster recovery. Thanks to this feature, a virtual machine can be replicated from an Azure region in one continent to a region in another continent. In the event of a planned or unplanned outage, you will be able to fail over the virtual machine on all continents and, once the interruption has been mitigated, it can be brought back to the continent of origin (fail-back) and protected. This feature is currently available for the following 3 pairs of intercontinental regions:

  • Southeast Asia and Australia East
  • Southeast Asia and Australia Southeast
  • West Europe and South Central US

Support of “proximity placement groups” in hybrid and cloud disaster recovery scenarios

Azure Site Recovery introduced support for “proximity placement groups (PPG)” in hybrid and cloud disaster recovery scenarios. With this support it will be possible to replicate an on-premises physical or virtual machine or an Azure virtual machine within a PPG, in the chosen Azure target area. Upon activation of the failover plan, Site Recovery will activate the failover VM within the target PPG selected by the user. This functionality is available both through the Azure portal and through PowerShell and REST API, across all Azure regions.

Migrate

Azure Migrate

New Azure Migrate releases and features

Azure Migrate is the service in Azure that includes a large portfolio of tools that you can use, through a guided experience, to address effectively the most common migration scenarios. To stay up-to-date on the latest developments in the solution, please consult the this page, that provides information about new releases and features. In particular, this new release was released this month:

  • The tools Azure Migrate: Discovery and Assessment and Azure Migrate: Server Migration can be used by connecting privately and securely to the Azure Migrate service via ExpressRoute or via a site-to-site VPN, using Azure private links. This connectivity method is recommended to use when there is an organizational requirement to access the Azure Migrate service and other Azure resources without crossing public networks or if you want to get better results in terms of bandwidth or latency.

Evaluation of Azure

To test for free and evaluate the services provided by Azure you can access this page.

Azure Management services: what's new in March 2021

In March there were several news announced by Microsoft regarding Azure management services. In this series of articles, reported monthly, major announcements are listed, accompanied by the necessary references to be able to conduct further studies on.

The following diagram shows the different areas related to management, which are covered in this series of articles, in order to stay up to date on these topics and to better deploy and maintain applications and resources.

Figure 1 – Management services in Azure overview

Monitor

Azure Monitor

What's new in Azure Monitor for Windows Virtual Desktop

Azure Monitor for Windows Virtual Desktop, that will be made available in the coming weeks, will allow you to have a centralized view, containing all the monitor information to help you troubleshoot and operate on a large scale. Thanks to the latest updates it is possible to:

  • View a summary of the status and health of the pool host
  • Find and resolve deployment issues
  • Understanding and addressing user feedback
  • Evaluate resource usage and make scalability decisions, thus achieving optimal cost management

ExpressRoute Monitors in Azure Monitor Network Insights

Azure Monitor Network Insights allows now, through a centralized console, to make the ExpressRoute monitor. The solution displays the following information regarding ExpressRoute connectivity:

  • Topology of all ExpressRoute circuit components (peering, connections and gateways)
  • Provisioning and health status of the various components
  • Circuit metrics (Availability, throughput and packet delivery)
  • Metrics of the ExpressRoute gateway connected to the circuit

Azure Monitor SQL insights for Azure SQL (preview)

Azure Monitor SQL Insights allows you to collect, the analysis and customized display of telemetry data for SQL Database, SQL Managed Instance and SQL Server on board Azure Virtual Machines. The interactive experience introduced by SQL Insights allows you to customize the collection, the frequency of telemetry and to combine data from multiple sources, providing a unified monitoring experience for the SQL environment. SQL Insights is based on the Azure Monitor platform, giving customers access to all the viewing and notification features in the solution.

Azure Monitor Alerts for Azure Backup (preview)

You can now manage backup alerts through the standard Azure Monitor experience. This integration allows users to have a consistent experience in managing alerts across Azure services, including backup.

Azure monitor for containers: live consultation of pods logs & Replica set

Azure monitor for containers introduced support for real-time access to Azure Kubernetes Service Pods and Replica sets logs (AKS). Thanks to this new feature you can search for, filter and view historical pod logs in Log Analytics, you can also troubleshoot and diagnose pods and replica sets.

Container Insights: Persistent Volume monitoring & Tab reports

Container Insights of Azure Monitor introduces two new features:

  • Monitoring dei Persistent Volume (PV) for AKS clusters.
  • A new Reports tab that provides full access to all workbooks related to Kubernetes.

Azure SQL auditing in Log Analytics

It is now possible to merge the audit logs of Azure SQL Database and Azure Synapse Analytics to a Log Analytics workspace and to the Event Hub. This way you can centralize SQL audit logs in one location and do large-scale analysis.

New version of the agent for Linux systems

A new version of the Log Analytics agent has been released this month for Linux systems, which introduces several improvements and greater stability.

Availability in new regions

Azure Monitor Log Analytics is available in the following new regions:

  • Australia Central 2

To check the availability of the service in all the Azure regions you can consult this document.

Configure

Azure Automation

Availability in new regions

Azure Automation is available in the following new regions:

  • UK West

Azure Automanage

New features for Windows systems and extension to Linux distro

Azure Automanage is a new solution that automates several operations throughout the entire lifecycle of virtual machines located in Azure. It allows you to automatically implement best practices in virtual machine management ensuring compliance regarding security aspects, corporate compliance and business continuity. In this solution, new features have been added to simplify operations on virtual machines (VM) Windows Server, such as installing security patches without restarting. This feature allows security patches to be deployed in seconds, this makes it easier to protect servers from critical threats. Azure Automanage has also been extended to major Linux distributions.

Govern

Azure Policy

Azure Cost Management

Updates related toAzure Cost Management and Billing

Microsoft is constantly looking for new methodologies to improve Azure Cost Management and Billing, the solution to provide greater visibility into where costs are accumulating in the cloud, identify and prevent erroneous spending patterns and optimize costs . Inthis article some of the latest improvements and updates regarding this solution are reported, including:

  • Ability to monitor spending through alerts on expected costs (forecasted cost alerts)
  • New view of subscription costs
  • Cost Management Labs News

Secure

Azure Security Center

New features, bug fixes and deprecated features of Azure Security Center

Azure Security Center development is constantly evolving and improvements are being made on an ongoing basis. To stay up to date on the latest developments, Microsoft updates this page, this provides information about new features, bug fixes and deprecated features. In particular, this month the main news concern:

  • Integrating Azure Firewall management into Security Center
  • Inclusion of the “Disable rule” experience in SQL vulnerability assessment (preview)
  • Azure Monitor Workbooks built into Security Center
  • Azure Audit reports included in the regulatory compliance dashboard (preview)
  • Ability to view recommendation data in Azure Resource Graph with “Explore in ARG”
  • Workflow Automation Deployment Policy Updates
  • Improvements in the recommendations page

Protect

Azure Backup

Backup Center

The new Backup Center solution is now available and offers a unique experience designed for centralized management of large-scale backups. With Backup Center, you can dynamically explore large backup inventories between vaults, subscriptions, different locations and even tenants using Azure Lighthouse. The Backup Center can also govern any actions related to backups. Thanks to integration with Azure Policies and recent additional features for tag-based Azure Policies, large-scale governance can be implemented and compliance monitoring simplified. Backup Center also provides useful information to detect resources that are not protected from backups.

Backup Center supports the following types of workloads:

  • Azure Virtual Machines
  • SQL in Azure Virtual Machines
  • HANA in Azure VMs
  • Azure Files

Furthermore, the following workloads are supported in preview:

  • Azure Disks
  • Azure Blobs
  • Azure Database for PostgreSQL Servers

Azure Managed Disk backups

Azure Backup offers the ability to protect managed disks. All this takes place through the periodic creation of snapshots that are kept for a duration established by backup policy. The solution does not require the presence of specific agents and supports backup and recovery of both operating system and data disks (including shared disks), regardless of whether or not they are connected to a virtual machine running in Azure.

SAP HANA Incremental Backup Support

Azure Backup introduces support for creating incremental SAP HANA backups (at the moment in all regions, except Germany Northeast, Germany Central, France South, and US Gov IOWA). Sap HANA's large DB protection is faster and cheaper with this feature.

Support for Archive storage for backup of VMs and SQL on board VMs (preview)

In Azure Backup, you can now move recovery points to save costs and keep your backup data longer. This feature is available for Azure VMs and SQL Servers installed on board Azure VMs. Using Azure PowerShell, you can move these backups from the standard tier to the new archive tier. Restores can be done in an integrated way from the Azure portal, with a simple and intuitive process. In addition to this, Azure Backup will provide, using a specific API, recommendations for moving recovery points to the tier archive.

Backup for Azure Blobs (preview)

Azure Blob backup is an on-premises and managed data protection solution, this helps protect block blobs from various data loss scenarios. Data is stored locally within the source storage account and can be restored from a certain selected time when needed. This feature provides a simple means, safe and economical to protect blobs.

Azure Site Recovery

Expanding DR scenarios to Availability Zones from Azure

Although Availability Zones are traditionally used by customers for high-availability configurations of environments, can now also be leveraged to implement specific disaster recovery scenarios. This feature allows you to define DR plans for scenarios where the maintenance of data residency and local compliance is required, improving the Recovery Point Objective (RPO). This configuration also reduces the complexity of the configurations required to implement a DR strategy in a secondary region.

Migrate

Azure Migrate

New Azure Migrate releases and features

Azure Migrate is the service in Azure that includes a large portfolio of tools that you can use, through a guided experience, to address effectively the most common migration scenarios. To stay up-to-date on the latest developments in the solution, please consult the this page, that provides information about new releases and features. In particular, this month the main news concern:

  • Support to provide multiple server credentials on the Azure Migrate appliance needed to detect installed applications (software inventory), perform agentless dependency analysis and discover SQL Server instances and databases in the VMware environment.
  • Agentless VMware migration now supports simultaneous replication of 500 VMs for vCenter.
  • Azure Migrate automatically installs the Azure VM agent during migration (using the agentless migration method).
  • Azure Migrate Hub now includes an app containerization tool (preview), with support for ASP.NET and Java web applications, which allows you to facilitate the migration of containerized applications running on Azure Kubernetes Service (AKS).
  • Ability to perform assessment for migration to Azure VMware Solution.
  • The new Azure Migrate PowerShell module (preview) adds support for Server Migration agentless tools for migrating VMware virtual machines (VM) in Azure. Furthermore, you can configure and manage server replication to Azure and migrate them, using Azure PowerShell cmdlets in an automated and repeatable way.

Azure Database Migration

SQL Server discovery and assessment agentless

With Azure Migrate, you can now discover SQL Server instances and databases running in a VMware environment, analyze their configuration, application performance and dependencies to migrate to Azure SQL databases and Azure SQL Managed Instances. The solution can provide information regarding the possibility of migration, correct sizing and SQL Azure cost projections.

Evaluation of Azure

To test for free and evaluate the services provided by Azure you can access this page.

Azure Management services: what's new in February 2021

The month of February was full of news and there are several updates that have affected the Azure management services. This article provides an overview of the month's top news, so that we can stay up to date on these topics and have the necessary references to conduct further insights.

The following diagram shows the different areas related to management, which are covered in this series of articles, in order to stay up to date on these topics and to better deploy and maintain applications and resources.

Figure 1 – Management services in Azure overview

Monitor

Azure Monitor

Availability in new regions

Azure Monitor Log Analytics is available in the following new regions:

  • UAE Central
  • Japan West
  • Australia Central 2 (preview)

To check the availability of the service in all the Azure regions you can consult this document.

The new Azure Monitor agent and the new data collection rules features(preview) extend to new regions and distros

Azure Monitor currently has (in preview) a new unified agent (Azure Monitor Agent – AMA) and a new concept to make data collection more efficient (Data Collection Rules – DCR).

Among the various key features of this new agent we find:

  • Support for Azure Arc server(Windows and Linux) 
  • Virtual Machine Scale Set support (VMSS)
  • Installation via ARM template

As far as the Data Collection is concerned, it introduces these innovations:

  • Better control in defining the scope of data collection (e.g.. ability to collect from a subset of VMs for a single workspace)
  • Single collection and sending to both Log Analytics and Azure Monitor Metrics
  • Send to multiple workspaces (multi-homing for Linux)
  • Ability to better filter Windows events
  • Better extension management

AMA on Linux supports the following new distros for data collection (Data Collection Rules – DCR):

  • CentOS Linux 8*
  • Debian 10
  • Oracle Linux 8*
  • Red Hat Enterprise Linux Server 8*
  • SUSE Linux Enterprise Server 15.2*
  • SUSE Linux Enterprise Server 15.1*
  • Ubuntu 20

*Known issue with Syslog events. Currently only Performance Counters are supported (CPU, Memory, Disk, Network)

Furthermore, AMA and DCR are now available in new regions:

  • UK West (Wuk)
  • Korea Central (If)
  • France Central (Frc)
  • South Africa North (Jnb)
  • Switzerland North

New disk bursting metrics

Azure Monitor allows you to obtain detailed information on the resources deployed and running in the Azure environment. Through metrics, which are resource performance indicators in Azure, you can get detailed information about what's happening. Azure Monitor releases new metrics to help you better understand disk bursting performance. These new metrics provide the expected performance from Premium SSD disks and indicate the amount of bursting credits that have been used.

Configure

Azure Automation

Availability in new regions

Azure Automation is available in the following new regions:

  • Japan West
  • UAE Central

To check the availability of the service in all the Azure regions you can consult this document.

Govern

Azure Cost Management

Availability for Azure Government Pay-As-You-Go subscription

Azure Cost Management features are now also available for Azure Government Pay-As-You-Go subscriptions.

Updates related toAzure Cost Management and Billing

Microsoft is constantly looking for new methodologies to improve Azure Cost Management and Billing, the solution to provide greater visibility into where costs are accumulating in the cloud, identify and prevent erroneous spending patterns and optimize costs . Inthis article some of the latest improvements and updates regarding this solution are reported, including:

Secure

Azure Security Center

What's new in Azure Security Center

Azure Security Center development is constantly evolving and improvements are being made on an ongoing basis. To stay up to date on the latest developments, Microsoft updates this page, this provides information about new features, bug fixes and deprecated features. In particular, this month the main news concern:

Protect

Azure Backup

Cross Region Restore (CRR) for Azure virtual machines

Azure Backup stores the backup data in the Recovery Service vault on which a geographical redundancy is set by default. This results in the backup data in the primary region being geographically replicated to the associated secondary region (paired region). However, replicated data in the secondary region is available for recovery only if Azure declares an emergency in the primary region. By adopting this new functionality in Azure Backup, you will be able to start restores of virtual machines in a secondary region at will, making them completely controlled by the customer. To do this, however, the Recovery Service vault that holds the backups must be set up in geographical redundancy. Recovery between different Azure regions is available, still in preview, also for SQL and SAP HANA.

New features for Azure Backup Center (preview)

Backup Center, currently in preview, now also supports the following workloads: SQL in Azure VM, SAP HANA in Azure VM and Azure Files. With the Backup Center, you can centrally manage and monitor backups of all supported Azure workloads.

Furthermore, new built-in policies for Azure Backup have been included in the Backup Center that allow you to configure the backups of virtual machines in Azure based on the resource groups they belong to and the assigned tags.

Azure Backup for SAP HANA: soft limit increased by 2 TB to 8 TB

Thanks to the new data transfer features, Azure Backup now helps protect larger SAP HANA DB. Azure Backup for SAP HANA now allows you to reach data transfer speeds up to 420 MBps for non-log backups (for example full, differential and incremental) and 100 MBps for log backups. Thanks to this improvement in data transfer capacity it is possible to back up ~ 1,5 TB per hour, which results in 6-8 TB of full backups in 4-6 hours. The Azure Backup Service allows you to provide similar speeds even during restore operations.

Azure Site Recovery

New Update Rollup

For Azure Site Recovery was released theUpdate Rollup 54 that solves several issues and introduces some improvements. The details and the procedure to follow for the installation can be found in the specific KB.

Evaluation of Azure

To test for free and evaluate the services provided by Azure you can access this page.

Azure Management services: what's new in January 2021

The new year began with several announcements from Microsoft regarding news related to Azure management services. The Cloud Community releases this summary monthly, allowing you to have a general overview of the main new features of the month, in order to stay up to date on these topics and have the necessary references to conduct further exploration.

The following diagram shows the different areas related to management, which are covered in this series of articles, in order to stay up to date on these topics and to better deploy and maintain applications and resources.

Figure 1 – Management services in Azure overview

Monitor

Azure Monitor

Cross query between Azure Monitor and Azure Data Explorer (preview)

The ability to query between Azure Monitor and Azure Data Explorer allows you to query data exported to Azure Data Explorer or Azure blob storage and merge them with any Azure Monitor Log Analytics workspace.

Among the various features recently released we find the ability to perform queries:

  • Between Azure Data Explorer and Azure Monitor services (Log Analytics / Application Insights) and vice versa
  • On Azure Monitor logs exported from an Azure blob storage account using Azure Data Explorer

In Azure Monitor Log Analytics, the maximum data retention time frame is limited to 2 years. This aspect can be limiting in some areas, to the point that certain compliance criteria are not met. To overcome this limitation, you can export logs to an Azure blob storage. This new feature allows you to cross-query by including data exported to Azure blob storage in an integrated way.

Monitoring Azure Data Explorer Cluster with Azure Monitor (preview)

Azure Monitor expands its capabilities with Azure Monitor for Azure Data Explorer, which allows you to perform a complete monitor of Azure Data Explorer clusters, providing a single view of performance, of operations, and actual use.

Integration between Azure Monitor workbooks and Application Change Analysis (preview)

The recently released integration between Azure Monitor and Application Change workbooks allows you to create different types of charts, using as a data source the information regarding the changes that are made in the Azure environment. For example,, you can create charts to see when important changes have occurred in the last few 24 hours, or use the ability to merge to see what changed before a spike in memory that occurred on a VM.

ITSM Connector for ServiceNow ITOM with Secure Export (preview)

Secure Export is the new version (in preview) of the’IT Service Management Connector (ITSM) of Azure Monitor, which allows you to automatically create work items in an ITSM tool, when an Azure Monitor alert is activated. As part of the preview, a new integration with ServiceNow IT Operations Management was introduced (ITOM) using Secure Export.

Azure Monitor Network Insights

Azure Monitor Network Insights is now available and allows , through a centralized console, to monitor your Azure network infrastructure. The main features of Network Insights are as follows:

  • Unique console for the network monitor.
  • Agent configuration is not required.
  • Centralized access to traffic and connectivity monitor tools, that allow you to check health state, metrics, alerts, and data.
  • Viewing the network topology, with the ability to view functional dependencies. This will make it easier to solve any problems.
  • Access resource metrics to debug when needed, without having to write queries or create specific workbooks.

Availability in new regions

Azure Monitor Log Analytics is now available in the following Azure regions: “Germany West Central”, “UAE North”, and “Switzerland West”. Furthermore, Azure Log Analytics is available in preview in two new regions: “UAE Central” and “Japan West”. To check the availability of the service in all the Azure regions you can consult this document.

Configure

Azure Automation

Availability in new regions

Azure Automation is now available in the “UAE North” and in the region of “Switzerland West”. To check the availability of the service in all the Azure regions you can consult this document.

Govern

Azure Policy

Support for NSG Flow Logs

TheNSG flow logs in the Azure platform, they allow you to maintain the visibility of network traffic entering and leaving the Network Security Groups. To simplify the deployment experience, NSG flow logs Integrated support has been introduced in the Azure Policy, which allows you to check the enabled status and to force the collection of NSG flow logs when disabled, specifically by using the following policies:

  • Audit policy: NSGs flag without Flow logs enabled
  • DeployIfNotExists policy: Enable Flow logs on NSGs where it is disabled   

Azure Cost Management

Updates related to Azure Cost Management and Billing

Microsoft is constantly looking for new ways to improve Azure Cost Management and Billing, the solution to provide greater visibility into where costs are accumulating in the cloud, identify and prevent erroneous spending patterns and optimize costs . In this article some of the latest improvements and updates regarding this solution are reported, including:

  • New cost view for resource groups
  • Saving the last scope used
  • Cost Management Labs News
  • Definition of roles and responsibilities
  • Cost-saving methodologies by running .NET apps on Azure
  • New ways to save money
  • New videos to deepen these issues
  • Documentation updates

Secure

Azure Security Center

Vulnerability assessment for on-premises and multi-cloud systems

The Azure Security Center solution has recently been enriched with the ability to carry out an integrated Vulnerability Assessment, not just virtual machines in Azure, but also systems located on-premises or in multi-cloud environments, as long as Azure Arc has been enabled.

The vulnerability scanning included in Azure Defender for servers is done through the solutionQualys, which is recognized as a leading tool for real-time identification of potential vulnerabilities in the systems.

Thanks to this update, it is possible to harness the power of Azure Defender for server to consolidate the vulnerability management program on all resources in your environment (Azure and not). Among the main features we find:

  • Monitoring the VA scan (vulnerability assessment) on Azure Arc machines
  • Provisioning the VA agent on Azure Arc Windows and Linux machines (manually and on a large scale)
  • Receiving and analyzing vulnerabilities detected by distributed agents (manually and on a large scale)
  • Unified experience for Azure VMs and Azure Arc machines

What's new in Azure Security Center

Azure Security Center development is constantly evolving and improvements are being made on an ongoing basis. To stay up to date on the latest developments, Microsoft updates this page, this provides information about new features, bug fixes and deprecated features. In particular, this month the main news concern:

  • Azure Security Benchmark becomes the default initiative
  • Secure score for management groups (preview)
  • Secure score API
  • DNS sangling security added to Azure Defender for App Service
  • Multi-cloud connectors
  • Exemption, for subscriptions and management groups, for recommendations from the secure score
  • Users can request visibility “tenant-wide”
  • 35 recommendations in previews added
  • CSV export of filtered lists of recommendations
  • Resources “Not applicable” are reported as “Compliant” in Azure Policy assessments
  • Weekly export of secure score and regulatory compliance data through continuous export (preview)

Azure Defender for SQL updates and enhancements

In Azure Security Center, the following updates and improvements have been made to Azure Defender for SQL:

Protect

Azure Backup

Azure Managed Disk backups (limited preview)

Azure Backup offers the ability, at the moment by accessing a limited preview, to protect managed disks. All this takes place through the periodic creation of snapshots that are kept for a duration established by backup policy. The solution does not require the presence of specific agents and supports backup and recovery of both operating system and data disks (including shared disks), regardless of whether or not they are connected to a virtual machine running in Azure.

Encryption at rest with keys “customer-managed”

Azure Backup introduces encryption at rest support using customer-managed keys. This feature encrypts backup data in recovery services vaults using your keys in the Azure Key Vault. Data is protected using a data encryption key (DEK) AES-based 256, which in turn is protected using the keys stored in the Key Vault. Compared to encryption that uses keys managed by the Azure platform (available by default), this support gives you more control over encryption key management, enabling you to best meet your compliance needs.

Azure Site Recovery

New Update Rollup

For Azure Site Recovery was released theUpdate Rollup 53 that solves several issues and introduces some improvements. The details and the procedure to follow for the installation can be found in the specific KB.

Evaluation of Azure

To test for free and evaluate the services provided by Azure you can access this page.

Azure Management services: what's new in December 2020

In December several news regarding Azure management services were announced by Microsoft. Our community releases this monthly summary that gives you a comprehensive overview of the main news of the month, in order to stay up to date on these news and have the necessary references to conduct further study.

The following diagram shows the different areas related to management, which are covered in this series of articles, in order to stay up to date on these topics and to better deploy and maintain applications and resources.

Figure 1 – Management services in Azure overview

Monitor

Azure Monitor

New Azure Monitor agent and new Data Collection Rules features(preview)

Azure Monitor introduces (in preview) a new unified agent (Azure Monitor Agent – AMA) and a new concept to make data collection more efficient (Data Collection Rules – DCR).

Among the various key features added in this new agent we find:

  • Support for Azure Arc server(Windows and Linux) 
  • Virtual Machine Scale Set support (VMSS)
  • Installation via ARM template

With regard to the Data Collection, these innovations have been made:

  • Better control in defining the scope of data collection (e.g.. ability to collect from a subset of VMs for a single workspace)
  • Single collection and sending to both Log Analytics and Azure Monitor Metrics
  • Send to multiple workspaces (multi-homing for Linux)
  • Ability to better filter Windows events
  • Better extension management

Azure Monitor for Windows Virtual Desktop (preview)

Azure Monitor now allows you to perform the following operations related to Windows Virtual Desktop environments:

  • View a summary of the status and health of host pools
  • Find and resolve any deployment issues
  • Evaluate resource usage and make decisions about scalability and cost management
  • Understanding and addressing user feedback

Azure Monitor for containers: tab reports and deployment logs

In Azure Monitor for containers a new tab has been made available Reports that gives customers complete access to all advanced monitoring workbooks for Kubernetes, for example: Node-disk, Node-network, workloads and Persistent Volume monitoring.

Furthermore, you can now view real-time logs of Azure Kubernetes Service deployments (AKS), accessing the live logs of the pods directly. Log Analytics will allow you to search by applying filters to view historical pod deployment logs, useful for diagnosing any issues.

Azure Monitor for containers: support for Private Cluster live logs (preview)

In Azure Monitor for containers support for private cluster live logs has been introduced, this allows you to view in real time container logs, pod events and metrics. For more details please visit the Microsoft-specific documentation.

Infrastructure Encryption for Azure Monitor data 

Starting from 1 November 2020 data that flows into Azure Monitor is encrypted twice: at the service level and now also at the infrastructure level, thanks to the double encryption available for Azure storage.

Configure

Azure Automation

Support for Azure Private Link available

Microsoft has introduced support forAzure Private Link, necessary to securely connect virtual networks to Azure Automation through the use of private endpoints. This feature is useful for:

  • Establish a private connection with Azure Automation, without opening access from the public network.
  • Ensure that Azure Automation data is accessible only through authorized private networks.
  • Protect yourself from data extraction by allowing granular access to specific resources.
  • Keep all traffic within the Microsoft Azure backbone network.

Availability in new regions

Azure Automation is now available in the “Norway East” and “Germany West Central”. To check the availability of the service in all the Azure regions you can consult this document.

Support for Python3 runbooks (preview)

In Azure Automation, you can now import, create and run runbooks Python 3 in Azure or in a Hybrid Runbook Worker.

Evaluation of Azure

To test for free and evaluate the services provided by Azure you can access this page.

Azure Management services: what's new in November 2020

In November, Microsoft unveiled several news regarding Azure management services. Our community, through these articles that are released on a monthly basis, want to provide an overview of the main news of the month, in order to stay up to date on these arguments and have the necessary references for further information.

The following diagram shows the different areas related to management, which are covered in this series of articles, in order to stay up to date on these topics and to better deploy and maintain applications and resources.

Figure 1 – Management services in Azure overview

Monitor

Azure Monitor

New version of the agent for Linux systems

This month, a new version of the Log Analytics agent was released forLinux systems, which includes several improvements and ensures greater stability. Among the main changes is support for Red Hat Enterprise Linux 8, CentOS 8, Ubuntu 20.04 and SLES 15 SP1+, as well as an extension of features for Azure Arc VMs. It also includes a new troubleshooting tool.

Availability in new regions

Azure Log Analytics is now available in the "Brazil Southeast" and "Norway East" regions. It is also available in preview in three new regions: “Germany West Central”, “UAE North”, and “Switzerland West”. To check the availability of the service in all the Azure regions you can consultthis document.

Virtual Machines Guest Health (preview)

The functionality Virtual Machines Guest Health allows you to monitor the health status of the CPU, disk and memory for a virtual machine and allows you to receive alerts for changes. Each monitor measures the health status of a particular component and the three states covered are: Healthy, Warning, and Critical. These states are defined based on the thresholds set by the user for each monitor. The functionality Virtual Machines Guest Health has a hierarchical model “father-son” where the overall integrity of the virtual machine is determined by the integrity of its individual monitors and corresponds to the monitor state “son” having the worst state of integrity.

Configure

Azure Automation

Availability in a new region

Azure Automation is now available in the “Brazil Southeast”. To check the availability of the service in all the Azure regions you can consult this document.

Govern

Azure Policy

Export and management of Azure Policies as code with GitHub

You can now export Azure policies to GitHub directly from the Azure portal, through the “Export definitions”. After exporting, you can use GitHub actions to create custom workflows for deploying policies from GitHub to Azure. For further information you can consult this documentation.

Azure Advisor

New recommendations

Azure Adivisor has added the following recommendations to help improve the reliability and performance of Azure resources.

Reliability:

Performance:

Protect

Azure Backup

Soft Delete for SQL Server and SAP HANA in Azure VMs

Azure Backup officially released thesoft delete also with regard to the SQL Server and SAP HANA protection on board Azure virtual machinesSoft delete is a security feature that allows you to protect your backups even after you delete it. Thanks toSoft delete, in the event that a backup is removed accidentally or for malicious actions, you are guaranteed that the backup data is still maintained for 14 days from the cancellation date. This feature, that doesn't include any additional costs, allows you to recover any backups removed within the retention period.

News in SAP HANA protection

Azure Backup makes it easy to back up and restore SAP HANA databases running on Azure virtual machines and is BackInt certified by SAP. With regard to the protection of SAP HANA, the following innovations have been introduced:

  • Support for SAP HANA incremental database backups (preview).
  • Azure Backup's SAP HANA backup uses a pre-registration script to create a HANA user to perform backup and restore operations, which has suffered significant updates about the permissions required by the user who is used to perform backups.

Long term protection for Azure PostgreSQL

Azure Backup provides the ability to keep Azure Database backups for PostgreSQL up to 10 years. To consult the advanced protection features of Azure PostgreSQL databases you can consult this article.

Azure Resource Manager template support for backing up Azure file shares

Azure Backup introduced the ability to configure backup protection for Azure file shares by using the Azure Resource Manager declarative template (ARM). With this new option, you can enable backup of Azure file shares through a specific JSON file that can be deployed through the Azure portal, Azure Powershell or with azure command-line interface.

Azure Site Recovery

DR for Azure VM: increased the maximum disk size

Azure Site Recovery now enables Disaster Recovery scenarios for virtual machines in Azure with managed disks up to 32 TB, replicated in a secondary region.

Migrate

Azure Migrate

PowerShell support for the Server Migrate tool

In Azure Migrate, thanks to the addition of a new PowerShell-based management interface for the Server Migrate tool, you can configure and manage server replication and migration to Azure using Azure PowerShell cmdlets. This allows you to perform migrations in a repeatable and automated way, being able to obtain greater scalability and speed in the migration processes.

Evaluation of Azure

To test for free and evaluate the services provided by Azure you can access this page.

Azure Management services: what's new in October 2020

In October, Microsoft announced a considerable number of news regarding Azure management services. Our community, through these articles that are released on a monthly basis, want to provide an overview of the main news of the month, in order to stay up to date on these arguments and have the necessary references for further information.

The following diagram shows the different areas related to management, which are covered in this series of articles, in order to stay up to date on these topics and to better deploy and maintain applications and resources.

Figure 1 – Management services in Azure overview

Monitor

Azure Monitor

New version of the agent for Linux systems

This month, a new version of the Log Analytics agent was released for Linux systems, which includes several improvements and ensures greater stability. Among the main changes is support for Red Hat Enterprise Linux 8, CentOS 8, Ubuntu 20.04 and SLES 15 SP1+, as well as an extension of the features for Azure Arc VMs. Also included is support for Python 3 and a new troubleshooting tool.

Monitor Azure Arc-enabled Kubernetes environments

Azure Monitor for Containers now extends support by contemplating alerts related to metrics of azure arc-enabled kubernetes environments. These metric alerts enable an effective monitor of system resources. To see the list of alerts available for Azure Arc-enabled Kubernetes clusters, please consult this document.

Azure Monitor for containers: Network Policy Manager support (Preview)
It is now possible to monitor the networking of AKS clusters using Network Policy Manager (NPM). In this way Azure monitor for containers will collect the metrics and report any anomalies in the configuration or in the performance of the network.

Azure Monitor for containers: persistent volume monitoring support (PV)

Azure Monitor for containers is now able to monitor the capacity of the persistent volume (PV) connected to the AKS cluster, collecting capacity metrics for all PVs, except for kubesystemnamespace.

Azure Monitor Log Analytics data export (preview)

This feature allows you to continuously export data that resides in certain tables in a Log Analytics workspace to an Azure storage account (every hour) or to Azure Event Hub (almost in real time). When exporting to a storage account, each table is stored in a separate container. Similarly, when you export to event hub, each table is exported to a new event hub instance. There is currently no method for filtering data and limiting the export of only certain events. By adopting this feature you can take advantage of the following benefits:

  • Low cost data retention
  • Easier compliance when data retention is required for an extended period of time
  • Integration with third-party solutions such as Azure Data Lake and Splunk
  • Low-latency export to Event Hub, enabling near real-time monitoring and alerts

Availability in new regions (preview)

Azure Log Analytics is now available in preview in the region of “Brazil Southeast” and “Norway East”. To check the availability of the service in all the Azure regions you can consult this document.

Configure

Azure Automation

Availability in a new region

Azure Automation is now available in the “Switzerland North”. To check the availability of the service in all the Azure regions you can consult this document.

Govern

Azure Policy

Added support for keys, secrets, and certificates in Azure Policy for Key Vault

Azure Policies for Key Vault allow you to control secrets, keys, and certificates stored in the key vault to ensure that set compliance requirements are met. Any secrets, keys, or certificates that do not meet the requirements will appear as non-compliant in the policy compliance dashboard. Furthermore, you can set deny policies to prevent users from creating or importing objects into the key vault that do not comply with the policies that you set. Compliance results can also be published in Azure Security Center.

Azure Cost Management

Azure Cost Management + Billing updates

During this month, news was announced regarding the following areas of Azure Cost Management and Billing:

Azure Advisor

New recommendations

The following recommendations have been added in Azure Adivisor to improve resource performance:

  • Use the Accelerated Writes feature in your HBase cluster
  • Review Azure Data Explorer table cache-period (policy)
  • Optimize MySQL temporary-table sizing
  • Distribute data in server group to distribute workload among nodes

For further information you can consult this article.

Furthermore, to improve the operation of the Azure environment, the following recommendations have been included:

  • Ensure that at least one host pool is Validation Environment enabled
  • Make sure not too many host pools have Validation Environment enabled
  • Use Traffic Analytics to view insights into traffic patterns across Azure resources

More details are available in this article.

Protect

Azure Site Recovery

New Update Rollup

For Azure Site Recovery was released theUpdate Rollup 51 which solves several issues and introduces support for the following Linux distributions: SUSE 15 SP2, RHEL 7.9 e Cent OS 7.9. The related details and the procedure to follow for installation can be found in specific KB.

Evaluation of Azure

To test for free and evaluate the services provided by Azure you can access this page.

Azure Management services: what's new in September 2020

Also in September, Microsoft announced news regarding Azure management services. Our community publishes this summary monthly to provide an overview of these new features. In this way you can stay up-to-date on these topics and have the necessary references to conduct further investigations.

The following diagram shows the different areas related to management, which are covered in this series of articles, in order to stay up to date on these topics and to better deploy and maintain applications and resources.

Figure 1 – Management services in Azure overview

Monitor

Azure Monitor

New agent version for Windows Systems

A new version of the Log Analytics agent has been released this month for Windows systems, which introduces several improvements and greater stability.

New unified Agent and data collection rules (preview)

Azure Monitor is introducing a new concept for configuring data collection and a new unified agent for Azure Monitor in public preview. The new agent and data collection rules improve some key areas of data collection from virtual machines in Azure Monitor, including:

  • Send data to both Log Analytics and Azure Monitor metrics.
  • Data collection scoping for a subset of virtual machines for a single workspace.
  • Sending data to multiple workspaces for Linux VMs (multi-homing).
  • Improvements in Windows event filters.

New agent for containers

The new version of the Azure Monitor agent for containers introduces these changes:

  • Allows you to monitor the status of your deployments and Horizontal Pod Autoscaler (HPA) via workbook.
  • Accessing the tab Health (limited preview)
  • Bug fixes such as displaying node status “not ready”.

Azure Resource Health

Azure Cloud Services support

In Azure Resource Health real-time health status and status history are now reported for Azure Cloud Services, in particular:

  • Help diagnose and get support for Azure Cloud Service.
  • Reports the current and past status of resources at the level of Deployment, Role & Role Instance.
  • Provides detailed reasons for health status changes.
  • Sets alerts when health status changes.

Govern

Azure Cost Management

Cost Management for Amazon Web Services (AWS)

Adopting a multi-cloud strategy usually results in high complexity in cost control, often given by the different management of different cost models and different billing cycles. Keeping the costs of workloads residing on different cloud providers under control can be difficult to understand as they require the use of different dashboards and views.

Azure Cost Management introduced the ability to centrally manage AWS costs in addition to Azure. This feature allows you to avoid budget surpluses, to maintain control and better manage cloud cost responsibility.

Secure

Azure Security Center

Introduction to Azure Defender

Threat protection services in the Azure Security Center have been renamed to Azure Defender. Furthermore, thanks to the new dashboards, a better experience is offered for detecting security threats and their responses.

Securing SQL databases and virtual machines at any location

With Azure Arc support, Azure Defender can now protect SQL servers located on-premises and in multicloud environments, as well as virtual machines hosted in other public clouds.

Advanced protection for containers

The growing popularity of the adoption of containers and Kubernetes has led to an evolution in Azure Defender for Kubernetes. In fact, to ensure adequate workload protection in the Kubernetes environment, Azure Defender has included Kubernetes policy management, hardening and application of admission controls.

Furthermore, thanks to the introduction of a mechanism that allows continuous scanning of container images, the possibility of maliciously exploiting the running containers is reduced to a minimum.

IoT protection

Azure Defender for IoT, thanks to the recent acquisition of CyberX, can provide security for IoT devices in agentless mode. The solution provides continuous detection of IoT assets / OT, vulnerability management and threat monitoring for both greenfield and brownfield devices.

Protect

Azure Backup

Backup Center

The new Backup Center solution, currently available in public preview, provides a unique experience designed for centralized backup management at scale. With Backup Center, you can dynamically explore large backup inventories between vaults, subscriptions, locations and even different tenants. The Backup Center can also govern any actions related to backups.

Backup Center supports the following types of workloads:

  • Azure Virtual Machines
  • SQL in Azure Virtual Machines
  • Azure Database for PostgreSQL servers
  • Azure Files

Cross Region Restore

Recovery between different Azure regions, available for virtual machines, has also been extended to support SQL and SAP HANA. Cross Region Restore allows customers to restore their data to secondary regions at any time, essential in the event of the unavailability of the primary region.

Long-term protection of Azure Database for PostgreSQL

Azure Backup and Azure Database Services have merged to provide an enterprise-class backup solution for Azure Database for PostgreSQL (preview). Through managed backup policies you can enable backup retention for up to ten years.

Azure Site Recovery

New Update Rollup

For Azure Site Recovery was released theUpdate Rollup 50 that solves several issues and introduces some improvements. The details and the procedure to follow for the installation can be found in the specific KB.

Migrate

Azure Migrate

Introduced support for Availability Zones

In the tool Azure Migrate: Server Migration the support for Availability Zones was introduced when migrating server systems to Azure. The Azure Availability Zones are a mechanism for achieving high availability, protecting applications and data from failure that might occur in Azure datacenters. With this new opportunity, you can achieve better resiliency for application workloads that migrate to your Azure environment.

Support for Windows Virtual Desktop and ASP.NET web applications included

Azure Migrate has recently expanded support to include in migration scenarios:

  • Windows Virtual Desktop. This migration process helped companies provide a secure and reliable remote desktop experience, simplifying the path to the adoption of cloud solutions.
  • ASP.NET Web Applications. By migrating on-premises .NET-based web applications to managed services provided by the Azure platform, such as App Service and Azure SQL, customers are able to reduce costs and simplify application management.

Evaluation of Azure

To test for free and evaluate the services provided by Azure you can access this page.

Azure Management services: what's new in August 2020

Microsoft constantly releases news about Azure management services. Our community publishes this monthly summary to provide an overview of the top news released in the last month. This allows you to stay up-to-date on these topics and have the necessary references to conduct further investigations.

The following diagram shows the different areas related to management, which are covered in this series of articles, in order to stay up to date on these topics and to better deploy and maintain applications and resources.

Figure 1 – Management services in Azure overview

Monitor

Azure Monitor

New version of the agent for Linux systems

A new version of the Log Analytics agent has been released this month for Linux systems. In addition to solving several issues, some new features are introduced, among the main ones we find:

  • Support for Red Hat Enterprise Linux 8
  • Support for Azure Arc for servers
  • FIPS compliance
  • Limiting ingestion to prevent service degradation in the event of extremely high data volume

Azure Monitor for containers: support for viewing Kubernetes environment resources (preview)

With the Kubernetes resource monitor from the Azure portal, you can now use the kubernetes “point and click” to get real-time details of workloads hosted in the AKS environment. The public preview of this feature includes support for different resources (deployments, pods, and replica sets) and supports the following features:

  • Viewing Workloads Running on the Cluster, including the ability to filter resources by namespaces
  • Find the node on which an application is running and its IP address of the pod
  • View pods in set replica, the status of each pod and the images associated with each pod
  • Drill down for individual deployments to view their real-time status and details
  • Perform on-the-fly changes on YAML to validate devtest scenarios

Audit Logs for Azure Monitor queries (preview)

The Azure Monitor team has announced in public preview one of the most requested features: the ability to check Azure Monitor query logs. When enabled, through the Azure diagnostic mechanism, you can collect telemetry data about who ran a query, when it was performed, which tool was used to run it, text and performance statistics related to the performance of the same. This telemetry, like any other Azure Diagnostic-based telemetry, can be sent to an Azure storage blob, Event Hub or Azure Monitor.

New dedicated blade for System Center

System Center now has its own dedicated blade in Log Analytics. To display the new System Center panel, you need to access the Log Analytics workspace and select “System Center” from the left navigation bar, in the group “Workspace Data Sources”. The new System Center blade lets you view and manage SCOM instances connected to your Log Analytics workspace.

New limits for data ingestion in Log Analytics

Azure Monitor is a large-scale service designed to serve thousands of customers who send high volumes of data every month at an increasing rate. As with any multi-tenancy platform, Microsoft has realized that limits must be placed to protect customers from sudden spikes in ingestion that can affect customers who share the environment and resources. Until now, there was only one import volume speed limit for Azure resource data from Diagnostic Settings. Now you've added the limit to other Log Analytics data sources, including: Diagnostic Settings, agents and data collection APIs. The limit is applied to compressed data approximated 6 GB / Min, where this limit may vary depending on the types of data and its compression ratio. This limit for import volume speed in Log Analytics can be increased by opening a support request.

Log Analytics REST APIs: released a new version

The new version (2020-08-01) of the Log Analytics REST API for the resource provider OperationalInsights was released. This version supports new features such as customer-managed keys(CMK), Bring Your Own Storage (BYOS) and consolidates the functionality of all previous versions.

Govern

Azure Policy

Azure Policy Compliance Scan Action for Workflows GitHub (preview)

In preview, the following were released Azure Policy Compliance Scan Action for Workflows GitHub. The new GitHub actions will make it easier to activate compliance analysis than the subscription-based Azure Policy, resource groups or other resources and will automate the next steps in the GitHub workflow based on resource compliance status.

Protect

Azure Backup

Selective disk backup for virtual machines in Azure (preview)

Azure Backup introduced the ability to selectively back up virtual machine disks. This feature primarily introduces the following benefits:

  • Cost Optimization
  • Faster backup and restore operations

Configuring Azure file shares

Azure Backup has simplified the backup configuration experience for Azure file shares, providing the ability to enable backup directly from the file share management panel.

Configuring Azure file shares backup now consists of only the following two steps:

  • Creating or choosing the recovery services vault
  • Create or choose the backup policy

Improvements in virtual machine protection

Azure Backup introduces the following improvements in the protection of VMs:

  • Introduces the ability to restore unmanaged disks of a VM by turning them into managed disks during the restore phase.
  • Supports the backup and restore of Virtual Machine Scale Sets in the orchestration mode described in this document.
  • Allows disk replacement as an option for VMs that have assigned Managed Service Identities (MSI).

Encryption of backups using customer managed keys (preview)

Azure Backup introduces the possibility, when you back up Azure Virtual Machines, to encrypt data using proprietary and managed keys. Azure Backup allows you to use RSA keys stored in Azure Key Vaults to encrypt backups. The data will then be protected using a data encryption key (DEK) AES-based 256, which in turn is protected using keys stored in Key Vaults. This gives you full control over the data protection and keys that are used for encryption.

SAP HANA backup for Red Hat Enterprise Linux VM

Azure Backup has released the ability to protect SAP HANA databases on Red Hat Enterprise Linux virtual machines (RHEL). This feature allows to have in an integrated way and without having to provide a specific backup infrastructure, the protection of SAP HANA databases on RHEL, one of the most commonly used operating systems in these scenarios.

Azure Site Recovery

New Update Rollup

For Azure Site Recovery was released theUpdate Rollup 49 that solves several issues and introduces some improvements. The details and the procedure to follow for the installation can be found in the specific KB.

Migrate

Azure Migrate

Assessment of physical servers and servers in AWS and GCP

Azure Migrate introduces support for assessment of physical servers and systems residing in Amazon Web Services (AWS), Google Cloud Platform (GCP) or at any cloud. Thanks to this evolution in the solution it is possible to evaluate any machine in the cloud or on-premises even when you can not access the hypervisor. The assessment is able to provide the following information:

  • Analyze suitability in Azure environment
  • Planning for migration costs
  • Performance-based scaling
  • Support for application dependency analysis (agent-based)

Evaluation of Azure

To test for free and evaluate the services provided by Azure you can access this page.