Category Archives: What's New

Azure Management services: What's new in May 2020

To stay constantly updated on news regarding Azure management services, our community releases this monthly summary, allowing you to have an overview of the main new features of the month. In this article you will find the news, presented in a synthetic way and accompanied with the necessary references to be able to conduct further studies.

The following diagram shows the different areas related to management, which are covered in this series of articles, in order to stay up to date on these topics and to better deploy and maintain applications and resources.

Figure 1 – Management services in Azure overview

Monitor

Azure Monitor

New version of the agent for Linux systems

A new version of the Log Analytics agent has been released this month for Linux systems. The main innovations introduced are:

Stability and reliability improvements.
Improved support for Azure Arc for Server.
FIPS Compliance.
RHEL support 8.

SHA-2 signing for the Log Analytics agent

The Log Analytics agent for Windows will start enforcing SHA-2 signings from 17 August 2020, postponing the date previously set to 18 may 2020. This change requires action if you are running the agent on a legacy version of the operating system (Windows 7, Windows Server 2008 R2, or Windows Server 2008) . Customers who are in this condition should apply the latest updates and patches on these operating systems before 17 August 2020, otherwise their agents will stop sending data to Log Analytics workspaces. The following Azure services will be affected by this change: Azure Monitor, Azure Automation, Azure Update Management, Azure Change Tracking, Azure Security Center, Azure Sentinel, Windows Defender ATP.

Feature extensions of Azure Monitor

The following enhancements have been made in Azure Monitor that expand its functionality and make it an increasingly complete solution:

Azure Monitor availability for Azure Storage and Azure Monitor for Azure Cosmos DB.
Azure Monitor preview for Azure Key Vault and Azure Monitor for Redis Cache.
Preview of Azure Monitor Application Insights in Azure Monitor Logs workspaces.
Capacity reservation and CMK encryption with Azure Monitor Logs clusters dedicated to large-scale deployments.

Azure Private Link Availability for Azure Monitor
The Azure Private Link feature is now also available for Azure Monitor and allows you to have the following features:

Private connectivity to Azure Monitor Logs workspaces and to Azure Application Insights.
Exfiltration data protection with granular access to specific resources.
Protecting resources from access from the public network.

At the moment you need to make a request explicitly to access these features.

Improve the experience when deleting and restoring Azure Monitor Logs workspaces

Microsoft has added soft-delete workspace functionality to make it easier to recover if necessary. In fact, in the event of a cancellation, the workspace will go into a soft-delete state to allow it to be restored if necessary, including data and connected agents, within 14 days. This behavior can be circumvented and permanently deleted the workspace. To avoid the incorrect elimination of the workspaces from the Azure portal, a specific section has been added where you can consult how many solutions are installed and the relative daily data volume received in the last 7 days by data type.
Restoring the workspace, can now take place directly from the Azure portal.

Azure Advisor recommendation digests

Azure Advisor introduces the ability to receive a periodic summary of the available best practice recommendations developed by the solution. Advisor Digest Recommendations keep you up-to-date on Azure optimization opportunities outside the Azure portal. Notifications are customizable and handled through Azure Monitor Action Group.

Azure Service Health also includes emerging issues

Azure Service Health now also reports emerging issues in the Azure portal. An emerging problem is a situation in which Azure is aware of a widespread outage but may not yet be fully aware of the extent and amplitude. Previously, emerging problems were only available in the Azure Status page.

Configure

Azure Automation

TLS 1.2 Enforcement

Starting from September 1st 2020, Azure Automation will impose the presence of Transport Layer Security (TLS) version 1.2 or later, for all external HTTPS endpoints.

Secure

Azure Security Center

Changes to the just-in-time service (JIT) virtual machine (VM) Access

In the just-in-time service (JIT) virtual machine (VM) access have been made the following changes:

The recommendation advising to enable JIT on a VM has been renamed by “Just-in-time network access control should be applied on virtual machines” in “Management ports of virtual machines should be protected with just-in-time network access control”.
The recommendation is now activated only if open management ports are detected.

Custom recommendations placed in a separate panel

All the custom recommendations created for your subscriptions are now positioned in the dedicated section “Custom recommendations”.

Account security recommendations moved to the section “Security best practices”

The following recommendations have been included in the section “Security best practices” and therefore do not impact on the secure score:

MFA should be enabled on accounts with read permissions on your subscription (originally in the “Enable MFA” control)
External accounts with read permissions should be removed from your subscription (originally in the “Manage access and permissions” control)
A maximum of 3 owners should be designated for your subscription (originally in the “Manage access and permissions” control)

Microsoft has decided to apply this change as it has determined that the risk of these three recommendations is lower than initially thought.

Protect

Azure Backup

SAP HANA backup for Red Hat Enterprise Linux VM

Azure Backup includes protecting SAP HANA databases on Red Hat Enterprise Linux virtual machines (RHEL). This feature allows to have in an integrated way and without having to provide a specific backup infrastructure, the protection of SAP HANA databases on RHEL, one of the most commonly used operating systems in these scenarios.

Protect against accidental deletion of Azure file shares

To provide greater protection against cyberattacks and accidental deletion, Azure Backup has added an extra layer of security to the Azure file shares snapshot management solution. If you delete File Shares, content and its recovery points (Snapshots) are retained for a configurable period of time, enabling full recovery without data loss. When you configure protection for a file share, Azure Backup enables soft-delete functionality at the account storage level with a retention period of 14 days, which is configurable according to your needs. This setting determines the time window in which you can restore the contents and snapshots of your file shares after any accidental deletion operations. Once the share file is restored, backups resume working without the need for additional configurations.

Azure Site Recovery

Zone-to-zone disaster recovery available in new regions

Zone-to-Zone DR is now also available in the Southeast Asia and UK South regions. With this Azure Site Recovery feature, called zone-to-zone DR, there's an opportunity to create disaster recovery plans (DR) for virtual machines (VM), replicating them between different Azure Availability Zones. If a single Azure Availability Zone is compromised, you will be able to fail over virtual machines to a different zone within the same region and access them from the Secondary Availability Zone.

Introduced support for proximity groups

Azure Site Recovery has introduced support for proximity placement groups (PPGs). Thanks to this feature, any virtual machine (VM) hosted within a PPG can be secured using Azure Site Recovery. By enabling replication of that VM, you can provide a PPG in the secondary region as an additional parameter. When a failover process is activated, Site Recovery will place the VM in the user-supplied target PPG.

Evaluation of Azure

To test for free and evaluate the services provided by Azure you can access this page.

Azure Management services: What's New in April 2020

Starting from this month, the series of articles released by our community about what's new in Azure management services is renewed. They will be articles, published on a monthly basis, dedicated exclusively to these topics to have a greater level of depth.

Management refers to the tasks and processes required to better maintain business applications and the resources that support them. Azure offers many strongly related services and tools to provide a comprehensive management experience. These services are not exclusively for Azure resources, but they can potentially also be used for on-premises environments or other public clouds.

The following diagram shows the different areas related to management, which will be covered in this series of articles, in order to stay up to date on these topics and to better deploy and maintain applications and resources.

Monitor

Azure Monitor for containers: support for monitoring the use of GPUs on AKS GPU-enabled node pools

Azure Monitor for containers has introduced the ability to monitor the use of GPUs in Azure Kubernetes Service environments (AKS) with nodes that take advantage of GPUs. They are currently supported as NVIDIA and AMD vendors.
This monitoring functionality can be useful for:

Check the availability of GPUs on the nodes, the use of the GPU memory and the status of GPU requests by pods.
View the information collected through the built-in workbook available in the workbook gallery.
Generate alerts on pod status

Export of alerts and recommendations to other solutions

Azure Security introduces an interesting feature that allows you to send security information generated by your environment to other solutions. This is done through a continuous export mechanism of alerts and recommendations to Azure Event Hubs or to Azure Monitor Log Analytics workspaces. This feature opens up new integration scenarios for Azure Security Center. The functionality is called Continuos Export and is described in detail in this article.

Workflow automation functionality

Azure Security Center includes the ability to have workflows to respond to security incidents. Such processes may include notifications, the initiation of a change management process and the application of specific remediation operations. The recommendation is to automate as many procedures as possible as automation can improve safety by ensuring that the process steps are performed quickly, consistent and according to predefined requirements. The Azure Security Center has been made available the functionality workflow automation. It can be used to automatically trigger the Logic Apps trigger based on security alerts and recommendations. Furthermore, manual trigger execution is available for security alerts and for recommendations that have the quick fix option available.

Integration with Windows Admin Center

It is now possible to include Windows Server systems residing on-premises directly from the Windows Admin Center in Azure Security Center.

Azure Monitor Application Insights: monitors Java applications codeless

The Java Application Monitor is now made possible without making changes to the code, thanks to Azure Monitor Application Insights. In fact, the new Java codeless agent is available in preview. Among the libraries and frameworks supported by the new Java agent we find:

gRPC.
Netty/Webflux.
JMS.
Cassandra.
MongoDB.

Retiring the solution for Office 365

For the solution “Azure Monitor Office 365 management (Preview)”, which allows you to send the logs of Office 365 to Azure Monitor Log Analytics is expected to be retired on 30 July 2020. This solution has been replaced by the solution of Office 365 present in Azure Sentinel and the solution “Azure AD reporting and monitoring”. The combination of these two solutions is able to offer a better experience in configuration and in its use.

Azure Monitor for Containers: support for Azure Red Hat OpenShift

Azure Monitor for Containers now also supports in preview the monitor for Kubernetes clusters hosted on Azure Red Hat OpenShift version 4.x & OpenShift versione 4.x.

Azure Monitor Logs: limitations on concurrent queries

To ensure a consistent experience for all users in consulting the Azure Monitor Logs, will be gradually implemented new limits of concurrency. This will help protect yourself from sending too many queries simultaneously, which could potentially overload system resources and compromise responsiveness. These limits are designed to intervene and limit only extreme usage scenarios, but they should not be relevant for the typical use of the solution.

Secure

Azure Security Center

Dynamic compliance packages available

The Azure Security Center regulatory compliance dashboard now includes thedynamic compliance packages to trace further industry and regulatory standards. The dynamic compliance packages can be added at subscription or management group level from the Security Center policy page. After entering a standard or benchmark, this is displayed in the regulatory compliance dashboard with all related data. A summary report will also be available for download for all standards that have been integrated.

Identity recommendations included in Azure Security Center tier free

Security recommendations relating to identity and access have been included in the Azure Security Center tier free. This aspect allows to increase the functionality in the cloud security posture management area for free (CSPM). Before this change, these recommendations were only available in the Azure Security Center Standard tier. Here are some examples of recommendations for identity and access:

“Multifactor authentication should be enabled on accounts with owner permissions on your subscription.”
“A maximum of three owners should be designated for your subscription.”
“Deprecated accounts should be removed from your subscription.”

Protect

Azure Backup

Cross Region Restore (CRR) for Azure virtual machines

Thanks to the introduction of this new feature in Azure Backup, it introduces the ability to start restores at will in a secondary region, making them completely controlled by the customer. To do this, the Recovery Service vault that holds the backups must be set to geographic redundancy; in this way the backup data in the primary region are geographically replicated in the secondary region associated with Azure (paired region).

Figure 1 – New possible scenarios from Cross Region Restore (CRR)

Azure Files share snapshot management

Azure Backup introduces the ability to create Snapshots of Azure Files share, Daily, weekly, Monthly, and keep them until 10 years.

Support for replacing existing disks for VMs with custom images

Azure Backup introduced support, during the recovery phases, to replace existing disks on virtual machines created with custom images.

SAP HANA backup

In Azure Backup, protection of SAP HANA DBs present in virtual machines is available in all major Azure regions. This functionality allows you to have SAP HANA database protection integrated and without having to provide a specific backup infrastructure. This solution is officially certified by SAP.

Evaluation of Azure

To test for free and evaluate the services provided by Azure you can access this page.

System Center: What's New in April 2020

In this summary, that we report on a monthly basis, the main announcements regarding System Center are listed, accompanied by the necessary references to be able to conduct further studies on.

System Center Operation Manager (SCOM)

SCOM 2019: Hotfixes for alert management

For SCOM 2019 UR1 was introduced this hotfix which solves several issues regarding the management of alerts.

SCOM 2016: Update Rollup 9

The Update Rollup 9 and for SCOM 2016 introduces fixes to different issues, for more information on this, you can see the specific KB.

New dashboards for the Azure Management Pack

Using the Azure Management Pack (MP) you can monitor Azure subscriptions and resources from SCOM. SCOM's console natively shows alerts and resource status collectively in a single view, without providing the ability to apply filters of any kind. The introduction of the new dashboards resolves this limitation. These are the main benefits introduced:

View Azure resources in SCOM in a similar way to the Azure portal.
Easily filter and locate resources.
Instantly view subscriptions, resource groups and alerts for each Azure resource.
Possibility to have modern dashboards with sorting functionality, layout, filter and search.

Adopting these new dashboards requires SCOM 2019. In this link you can access the information you need to activate and configure your Azure MP.

System Center Virtual Machine Manager (SCVMM)

SCVMM 2016: Update Rollup 9

The Update Rollup 9 for SCVMM 2016, in addition to remedying some problems, it introduces the following functions:

Ability to deploy Ubuntu Virtual Machines 18.04.
VM Connect Console Support Using 'Enhanced Session'

For further details please visit the specific KB.

System Center Data Protection Manager (SCDPM)

SCDPM 2016: Update Rollup 9

The’Update Rollup 9 for SCDPM 2016 in addition to a correction on the pruning jobs, it introduces the following changes:

Add an authentication layer for what you consider critical. You will be asked for a security PIN when operations are performed like Stop Protection with Delete data.
Adding the parameter -CheckReplicaFragmentation property cmdlet Copy-DPMDatasourceReplica, which calculates the percentage of fragmentation for a replica.

System Center Service Manager (SCSM)

SCSM 2016: Update Rollup 9

The Update Rollup 9 for SCSM 2016 only introduces fixes to problems, for information about it, you can consult the specific KB.

System Center Evaluation

To evaluate the various components of System Center, you must access theEvaluation Center and, after registering, you can start the trial period.

Azure management services and System Center: What's New in March 2020

In March there have been several news announced by Microsoft on the Azure management services and System Center. In this summary, that we report on a monthly basis, major announcements are listed, accompanied by the necessary references to be able to conduct further studies on.

Azure Monitor

Azure Security Center integration

In Azure Security Center (ASC) integration with Azure Monitor has been introduced. In fact, in ASC it has been made available the ability to export continues toward a Log Analytics workspace. With this feature, you can configure Azure Monitor alert rules against recommendations and alerts exported from the Security Center. As a result, you can enable action groups to achieve automation scenarios supported by Azure Monitor.

Service availability Azure Monitor for VMs

In Azure monitor, the service that monitors virtual machines has been released, calledAzure Monitor for VMs. This service analyzes the performance data and the status of virtual machines, makes the monitor of the installed processes and examines its dependencies.

The serviceAzure Monitor for VMsis divided into three different perspectives:

Health: the logical components present on board of the virtual machines are evaluated according to specific pre-configured criteria, generating alerts when certain conditions are met.
Performance: shows summary details of performance, from the guest operating system.
Map: generates a map with the interconnections between the various components that reside on different systems.

This solution can be used on Windows and Linux virtual machines, regardless of the environment in which they reside (Azure, on-premises or at other cloud providers).

New agent version for Windows and Linux systems

A new version of the Log Analytics agent has been released this month for Window systemss and for Linux systems. In both cases they are introduced several improvements and increased stability.

SHA-2 signing for the Log Analytics agent

The Log Analytics agent for Windows will start enforcing SHA-2 signings from 18 may 2020. This change requires action if you are running the agent on a legacy version of the operating system (Windows 7, Windows Server 2008 R2, or Windows Server 2008) . Customers who are in this condition should apply the latest updates and patches on these operating systems before 18 may 2020, otherwise their agents will stop sending data to Log Analytics workspaces. The following Azure services will be affected by this change: Azure Monitor, Azure Automation, Azure Update Management, Azure Change Tracking, Azure Security Center, Azure Sentinel, Windows Defender ATP.

Azure Site Recovery

New Update Rollup

For Azure Site Recovery was released theUpdate Rollup 45 that solves several issues and introduces some improvements. The details and the procedure to follow for the installation can be found in the specific KB.

Azure Backup

Azure Backup Report

Azure Backup has announced the release of the solution Azure Backup Report. It's a tool available in the Azure portal that provides reports to answer many questions about backup progress, including: “What backup items consume more storage space?”, “Which machines have consistently had abnormal backup behaviors?”, “What are the main causes of the backup job failure?”. Reports provide cross-sectional information across different types of workloads, Vaults, subscriptions, regions and tenants. This tool also provides support for Windows Server 2008, to facilitate the migration steps of the on-premises systems based on Windows Server 2008 to Azure, process by which you can continue to get security patches.

Azure Automation

Availability in new regions

Azure Automation is now available in preview in the regions ” US Gov Arizona”.

Evaluation of Azure and System Center

To test for free and evaluate the services provided by Azure you can access this page, while to try the various System Center components you must access theEvaluation Center and, after registering, you can start the trial period.

Azure management services and System Center: What's New in February 2020

The month of February was full of news and there are different updates that affected the Azure management services and System Center. This article summarizes to have a comprehensive overview of the main news of the month, in order to stay up to date on these topics and have the necessary references to conduct further exploration.

Azure Monitor

Changes to the Log Analytics schema

Important news has been made to the Azure Monitor Log Analytics schema to help you browse your content faster and easier.

Updates in the log view

Azure Monitor Log Analytics has greatly improved the appearance in the log view. New charts have been introduced that can quickly and easily display the collected data and provide the ability to obtain more information from it effectively.

Azure Site Recovery

Retirement of some protection scenarios

Starting from 1 march 2023 you will no longer be able to use Azure Site Recoivery for the following security scenarios:

Between customer-owned sites managed by System Center Virtual Machine Manager (SCVMM)
Between sites managed by SCVMM to Azure

Therefore, by this date, you must modify the configuration to use the protection scenario between Hyper-V and between Hyper-V and Azure, always without SCVMM. Data for protection scenarios that are no longer supported will be removed from the specified date.

Retirement of Azure Site Recovery data encryption functionality

Starting from 30 April 2022 Azure Site Recovery data encryption functionality will be retired and replaced with more advanced encryption mechanisms such asEncryption at Rest with Azure Site Recovery, usingStorage Service Encryption (SSE). Thanks to the adoption of SSE, the data will be encrypted before residing on the storage and decrypted when it is picked up.

Azure Backup

Azure Offline Backup with Azure Data Box

Customers using Azure Backup can now take advantage of Azure Data Box to move large backups through an offiline migration mechanism. The solution is to use both Azure Data Box (appliance from 100 TB) and also Azure Data Box disks (up to 8 TB each), through Azure Recovery Services Agent, to place large initial backups (up to 80 TB per server) in offline mode to an Azure Recovery Services Vault. Subsequent backups will then be made over the network.

Windows Server support 2008

Azure Backup announced support for Windows Server systems 2008. This facilitates the migration of On-premises systems based on Windows Server 2008 to Azure, so you can continue to get security patches.

Selective exclusion of disks to be protected

Azure Backup now allows you to selectively exclude disks to protect on a virtual machine. This allows you to achieve cost savings for your solution if there are disks that you don't want to protect using Azure Backup.

Backup Explorer

Azure Backup now offers a new solution, currently in preview, called Backup Explorer, an integrated Azure Monitor Workbook which allows for centralized control in real time on the progress of the various backup.

System Center

Update Rollup 1 for System Center 2019

For System Center 2019 it was released the first update rollup. This update introduces new features, make error corrections and affects the following products:

Microsoft Endpoint Manager

New releases for the Technical Preview Branch

For Configuration Manager were released in the Technical Preview Branch the’update 2001.2, the’update 2002 and the’update 2002.2. Among the main innovations, improvements to Desktop Analytics and task sequences are introduced. They also allow to obtain novelty inherent in Orchestration Groups, an evolution of the Server Groups.

To check the details of what's included in these updates, you can check these documents:

Please note that Releases in the Technical Preview Branch allow you to preview new Configuration Manager features, and it is recommended that you apply these updates only in test environments.

Evaluation of Azure and System Center

Azure management services and System Center: What's New in January 2020

The new year began with several announcements from Microsoft about what's new in Azure management services and System Center. The Cloud Community releases this summary monthly, allowing you to have a general overview of the main new features of the month, in order to stay up to date on these topics and have the necessary references to conduct further exploration.

Azure Monitor

New version of Log Analytics Gateway

For Azure Monitor a new version was released of the Log Analytics Gateway introducing greater stability and reliability. To get the new version, you can sign in to the Azure portal, browsing the Log Analytics blade or directly through the Microsoft Download Center.

Availability in new regions for Service Map

Azure Map functionality in Azure Log Analytics is now also available in the region “US Gov Virginia“.

Azure Site Recovery

New Update Rollup

For Azure Site Recovery was released theUpdate Rollup 43 that solves several issues and introduces some improvements. The details and the procedure to follow for the installation can be found in the specific KB.

Support for customer-managed keys

Azure Site Recovery has introduced support for the following scenarios:

Replicating Azure Virtual Machines with Managed Disks encrypted with customer-managed keys.
Replicating on-premises virtual machines to managed disks encrypted with customer-managed keys.

Azure Backup

Long term retention for backup of file shares configurable by the Azure portal

Azure Backup allows you to keep on-demand backups of file shares until 10 years. This configuration, made initially possible only by using PowerShell, can now also be done from the Azure portal.

Restore cross region of virtual machines

In Azure Backup has been announced the ability to perform cross region restore of virtual machines to the Azure Paired Region. This feature is currently available in limited preview in West Central United States (WCUS) and the restore can then take place towards the WUS2 region. For further information you can consult this technical documentation.

Protection of SAP HANA in new regions

The Azure Backup solution now allows you to enable the protection of SAP HANA DBs aboard Azure virtual machines in European and Asian region. These are the regions where this feature is active:

West Europe (WE), North Europe (NE), France Central, France South, UK West (UKW), Germany North, Germany West Central, Germany Central, Germany North East, Switzerland North, and Switzerland West.
Australia Central, Australia Central 2, Australia East (AE), Australia Southeast (ASE), Japan East (JPE), Japan West (JPW), Korea Central (KRC), and Korea South (KRS).

Soft Delete for SQL Server and SAP HANA in Azure VMs

In Azure Backup has been introduced the functionality of soft delete also with regard to the protection of SQL Server and SAP HANA aboard Azure virtual machines. Soft delete is a security feature that allows you to protect your backups even after you delete it. Thanks to Soft delete, in the event that a backup is removed accidentally or for malicious actions, you are guaranteed that the backup data is still maintained for 14 days from the cancellation date. This feature, that doesn't include any additional costs, take to recover any deleted backups within the retention period.

Microsoft Endpoint Manager

New release for the Technical Preview Branch

For Configuration Manager was released in the Technical Preview Branch the update 2001 that among the main changes it introduced different dashboards to monitor the utilization of the new Microsoft Edge and other browser.

To check the details of what's included in these updates, you can see this document.

Please note that Releases in the Technical Preview Branch allow you to preview new Configuration Manager features, and it is recommended that you apply these updates only in test environments.

Evaluation of Azure and System Center

Azure management services and System Center: What's New in December 2019

In December have been announced, by Microsoft, a significant number of news regarding Azure management services and System Center. Our community releases this monthly summary that gives you a comprehensive overview of the main news of the month, in order to stay up to date on these news and have the necessary references to conduct further study.

Azure Monitor

Improvements in Azure Monitor for containers

The new Azure Monitor agent for containers, introduces several improvements in resource utilization and data volume optimization, thus helping to reduce costs. This update also changes some tables where data is consolidated and you may need some changes to existing queries if they use these fields: Name and Image in the table ContainerLog.

New features in Azure Monitor Metrics Explorer

For Azure Monitor, the Metrics Explorer component has seen the release of the following new features:

More flexibility in chart generation.
The resource selector supports the ability to choose multiple resources in scoping.
More granular charts such as number of data points.
Improved Chart Legends.

For more details you can refer this article.

Azure Backup

Azure Backup: resource group management for virtual machines

Azure Backup introduces the ability to customize the name of the resource group created by the service, acting on the backup policy for protecting virtual machines. Azure Backup creates a specific resource group where restore point collections are placed, hosting the instant recovery points of the managed VMs. Of dafault the naming of this resource group is as follows: AzureBackupRG_Geo_n, but now you get the ability to customize it.

Support for encrypted VMs larger than 4TB

The ability to back up and restore encrypted virtual machines larger than 4 TB has been extended to all Azure regions. In this way, the experience and capabilities provided by Azure Backup to protect these machines is the same, regardless of size.

Microsoft Endpoint Manager

New Update for Microsoft Endpoint Configuration Manager (current branch)

Configuration Manager has officially released the update 1910 that formalizes that Configuration Manager is now part ofMicrosoft Endpoint Manager. The new version also introduces several changes aimed at enriching and improving different features of the solution.

To verify the details about what's new in this update you can see this document.

New release for the Technical Preview Branch

For Configuration Manager was released in the Technical Preview Branch the update 1912 and one of the main innovations allows a device to upload its client logs to the site server. All this is possible by sending a client notification action from the Configuration Manager console.

To check the details of what's included in these updates, you can see this document.

Please note that Releases in the Technical Preview Branch allow you to preview new Configuration Manager features, and it is recommended that you apply these updates only in test environments.

Evaluation of Azure and System Center

Azure management services and System Center: What's New in November 2019

In November, accomplice also the Microsoft Ignite conference 2019, Microsoft has unveiled a number of new features regarding Azure management services and System Center. Our community, through these articles that are released on a monthly basis, want to provide an overview of the main news of the month, in order to stay up to date on these arguments and have the necessary references for further information.

Azure Log Analytics

New version of the agent for Linux systems

This month, the new version of the Log Analytics agent for Linux systems introduces improvements regarding the installation process, performance and resolution of issues in the use of custom logs. For more information about this, you can access theGitHub official page.

Azure Site Recovery

New Update Rollup

For Azure Site Recovery was released theUpdate Rollup 42 that solves several issues and introduces some improvements. The details and the procedure to follow for the installation can be found in the specific KB.

Improvements in resource clean-up

In Azure Site Recovery, the replication scenario of VMs between different Azure regions, the improvements were introduced regarding the clean up of the virtual machines and the related deallocated NIC (failed back), when the primary site is restored as a result of a failback process. In this way are easier the necessary operations to rehabilitate the protection. Furthermore, if you disable replication after a failback, Site Recovery also cleans up disks in the secondary region, as well as the VMs and their NIC.

Azure Backup

New features to protect SQL Server

In Azure backup the following new features regarding SQL Server protection was made available:

Native Protection of SQL Server 2019 on virtual machines Windows Server 2019 in Azure.
Protection of SQL Server 2008 and 2008 R2 for systems migrated to Azure.
Ability to make “Restore as Files”, that enables you to recover protected data as files .bak. This feature allows you to move files anywhere (different subscriptions, regions and on-premises) introducing more flexibility in performing restore operations.

SAP HANA backup

In Azure Backup, SAP HANA DB protection on virtual machines is available in the UK South region, all in an integrated way and without having to provide a specific backup infrastructure. This solution is officially certified BackInt from SAP.

System Center Updates Publisher

New version

A new version of System Center Updates Publisher (SCUP) has been released and is available to this link.

Microsoft Endpoint Manager

New brand for Configuration Manager

Microsoft Endpoint Manager is the name assigned to the Microsoft solution for the integrated management of all devices. Microsoft has decided to unify Configuration Manager and Intune, without having to deal with complex migrations and simplifying licensing. With this approach, Microsoft helps you take advantage of your investments in Configuration Manager and take advantage of the benefits and capabilities of the Microsoft cloud.

The Microsoft Endpoint Manager brand includes the following Microsoft management solutions:

Configuration Manager
Intune
Desktop Analytics
Autopilot
All of the features in theDevice Management Admin Console

New version for Configuration Manager Technical Preview Branch

For Configuration Manager was released the update 1911 (Technical Preview Branch) that among the main innovations officializes that Configuration Manager is now part of Microsoft Endpoint Manager.

To verify the details about what's new in this update you can see this document.

Please note that the Technical Preview Branch releases help you to evaluate new features of SCCM and it is recommended to apply these updates only in test environments.

Desktop Analytics is now available

The Desktop Analytics solution is publicly available. It is a tool that can provide useful information and provide the automations necessary to keep the Windows machines up-to-date. The possible integration of Desktop Analytics with System Center Configuration Manager, adds the value given by the cloud solution to the local infrastructure.

Evaluation of Azure and System Center

Azure management services and System Center: What's New in October 2019

In October were announced, by Microsoft, a considerable number of news regarding the Azure management services and System Center. Our community, through these articles that are released on a monthly basis, want to provide an overview of the main news of the month, in order to stay up to date on these arguments and have the necessary references for further information.

Azure Log Analytics

Availability in new regions

Azure Log Analytics is now available in the new regions “Switzerland North”, to allow you to collect log and perform related trend analysis on the use of resources.

New option for the pricing model

For Azure Monitor Log Analytics is available from November 1 2019 a new pricing model, allowing you to pay a fixed fee for data ingestion, based on the capacity of the selected tier. The tier start at 100 GB per day and allow you to get a saving of up to 25%, compared to the Pay-As-You-Go cost.

New version of the agent for Linux systems

This month the new agent version of Log Analytics introduces enhancements for Linux systems in particular concerning the installation process and performance. For more information about this, you can access theGitHub official page.

Retention configurable by data type

Azure Monitor Log Analytics introduces the ability to configure data retention, that is, the retention period of the data, for each type of data, instead of having a single retention setting for the entire workspace. The configuration at the time must be made through ARM commands. This new possibility allows for greater flexibility and savings in retention costs from the collated data from October (release date of this functionality). For more details please visit the Microsoft's official documentation.

Changing the saving of data in Service Map in Log Analytics

Data for Service Map, until now saved in custom log tables ServiceMapComputer_CL and ServiceMapProcess_CL will be moved to specific Log Analytics data types. These new tables will be called VMComputer and VMProcess, Inl.

Azure Site Recovery

New Update Rollup

For Azure Site Recovery was released theUpdate Rollup 41 that solves several issues and introduces some improvements. The details and the procedure to follow for the installation can be found in the specific KB.

Update for Windows servicing stack and SHA-2

For the Azure Site Recovery Mobility agent was issued a specific update required to enable Windows servicing stack and SHA-2 support.

Availability in new regions

Azure Site Recovery is now available in “Norway East” and “Norway West, North Dakota”. To check the availability of the service in all the Azure regions you can consult this document.

Azure Backup

Support for disks up to 32 TB

Support for large Managed disks has been announced for Azure Backup, up to 32 TB. For further information you can consultthis article.

System Center Configuration Manager

New releases for the Technical Preview Branch

For Configuration Manager was released the update 1910 that one of the main innovations is the ability to deploy and manage Microsoft Edge. With this integration, you can also easily manage the deployment of new versions of Microsoft Edge from the beta channel (updated every 6 weeks) and the Dev channel (updated weekly).

To check the details of what's included in these updates, you can see this document.

Please note that the Technical Preview Branch releases help you to evaluate new features of SCCM and it is recommended to apply these updates only in test environments.

Evaluation of Azure and System Center

To test and evaluate free of charge the service offered by Azure you can access this page, while to try out the various components of System Center you must Access to theEvaluation Center and, after registering, you can start the trial period.

Azure management services and System Center: What's New in September 2019

Even in September it was announced by Microsoft news regarding the Azure management services and System Center. Our community publishes this summary monthly to provide an overview of these new features. In this way you can stay up-to-date on these topics and have the necessary references to conduct further investigations.

Azure Site Recovery

New Update Rollup

For Azure Site Recovery was released theUpdate Rollup 40 that solves several issues and introduces some improvements. The details and the procedure to follow for the installation can be found in the specific KB.

Azure Backup

Support for disks up to 30 TB

For Azure Backup has been announced the support in public preview for large Managed disks, up to 30TB. For further information you can consultthis article.

System Center

New Update Rollup for System Center 2016

Microsoft has released the Update Rollup 8 (UR8) for System Center 2016. This is the second update rollup of the year and includes updates for the following products, mainly aimed at solving problems:

System Center Configuration Manager

New releases for the Technical Preview Branch

For Configuration Manager was released the update 1909 one of the main innovations is the creation of orchestration groups, to better control the deployment of software updates. The Orchestration Groups are designed to give you more flexibility when upgrading devices, including the ability to run PowerShell scripts before and after the update deployment phase.

To check the details of what's included in these updates, you can see this document.

Please note that the Technical Preview Branch releases help you to evaluate new features of SCCM and it is recommended to apply these updates only in test environments.