New Azure Blueprint simplifies compliance with NIST SP 800-53

To help our customers manage their compliance obligations when hosting their environments in Microsoft Azure, we are publishing a series of blueprint samples built in to Azure. Our most recent release is the NIST SP 800-53 R4 blueprint that maps a core set of Azure Policy definitions to specific NIST SP 800-53 R4 controls. For US governmental entities and others with compliance requirements based on NIST SP 800-53, this blueprint helps customers proactively manage and monitor compliance of their Azure environments. 

The free Azure Blueprints service helps enable cloud architects and information technology groups to define a repeatable set of Azure resources that implements and adheres to an organization’s standards, patterns, and requirements. Blueprints may help speed the creation of governed subscriptions, supporting the design of environments that comply with organizational standards and best practices and scale to support production implementations for large-scale migrations.

Azure leads the industry with more than 90 compliance offerings that meet a broad set of international and industry-specific compliance standards. This puts Microsoft in a unique position to help ease our customers’ burden to meet their compliance obligations. In fact, many of our customers, particularly those in regulated industries, have expressed strong interest in being able to leverage our internal compliance practices for their environments with a service that maps compliance settings automatically. The Azure Blueprints service is our natural response to that interest. Customers are ultimately responsible for meeting the compliance requirements applicable to their environments and must determine for themselves whether particular information helps meet their compliance needs.

The US National Institute of Standards and Technology (NIST) publishes a catalog of security and privacy controls, Special Publication (SP) 800-53, for all federal information systems in the United States (except those related to national security). It provides a process for selecting controls to protect organizations against cyberattacks, natural disasters, structural failures, and other threats.

The NIST SP 800-53 R4 blueprint provides governance guardrails using Azure Policy to help customers assess specific NIST SP 800-53 R4 controls. It also enables customers to deploy a core set of policies for any Azure-deployed architecture that must implement these controls.

NIST SP 800-53 R4 control mappings provide details on policies included within this blueprint and how these policies address various NIST SP 800-53 R4 controls. When assigned to an architecture, resources are evaluated by Azure Policy for non-compliance with assigned policies. These control mappings include:

Account management. Helps with the review of accounts that may not comply with an organization’s account management requirements.
Separation of duties. Helps in maintaining an appropriate number of Azure subscription owners.
Least privilege. Audits accounts that should be prioritized for review.
Remote access. Helps with monitoring and control of remote access.
Audit review, analysis, and reporting. Helps ensure that events are logged and enforces deployment of the Log Analytics agent on Azure virtual machines.
Least functionality. Helps monitor virtual machines where an application white list is recommended but has not yet been configured.
Identification and authentication. Helps restrict and control privileged access.
Vulnerability scanning. Helps with the management of information system vulnerabilities.
Denial of service protection. Audits if the Azure DDoS Protection standard tier is enabled.
Boundary protection. Helps with the management and control of the system boundary.
Transmission confidentiality and integrity. Helps protect the confidentiality and integrity of transmitted information.
Flaw remediation. Helps with the management of information system flaws.
Malicious code protection. Helps the management of endpoint protection, including malicious code protection.
Information system monitoring. Helps with monitoring a system by auditing and enforcing logging across Azure resources.
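The policy evaluation described above yields a per-resource compliance state for every assigned policy. The following added example (not code from the Azure Blueprints service or from Microsoft) reads records in the shape that `az policy state list -o json` returns and rolls them up per NIST SP 800-53 control, so a reviewer can see at a glance which control families have non-compliant resources and which evaluated policies are not yet mapped to a control. The policy definition names, the sample records and the policy-to-control mapping are constructed placeholders; the blueprint's published control mapping supplies the real one.

```python
"""Per-control compliance summary from Azure Policy state records.

Added example, not part of the Azure Blueprints product. It assumes the record
shape of `az policy state list -o json` (complianceState, policyDefinitionName,
resourceId). The policy names and the policy-to-control mapping are placeholders
standing in for the blueprint's published control mapping.
"""
import json
from collections import defaultdict
from typing import Dict, List, Tuple

# Placeholder mapping: policy definition name -> NIST SP 800-53 R4 control.
# The control identifiers are the standard NIST ones; the policy names are invented.
POLICY_TO_CONTROL = {
    "audit-vm-missing-log-analytics-agent": "AU-6 Audit review, analysis, and reporting",
    "audit-subscription-owner-count": "AC-5 Separation of duties",
    "audit-ddos-protection-standard": "SC-5 Denial of service protection",
}

# Constructed sample records in the shape `az policy state list` returns.
SAMPLE_STATES_JSON = """[
  {"resourceId": "/subscriptions/<sub>/resourceGroups/rg-app/providers/Microsoft.Compute/virtualMachines/vm-web-01",
   "policyDefinitionName": "audit-vm-missing-log-analytics-agent", "complianceState": "NonCompliant"},
  {"resourceId": "/subscriptions/<sub>/resourceGroups/rg-app/providers/Microsoft.Compute/virtualMachines/vm-web-02",
   "policyDefinitionName": "audit-vm-missing-log-analytics-agent", "complianceState": "Compliant"},
  {"resourceId": "/subscriptions/<sub>",
   "policyDefinitionName": "audit-subscription-owner-count", "complianceState": "NonCompliant"},
  {"resourceId": "/subscriptions/<sub>/resourceGroups/rg-net/providers/Microsoft.Network/virtualNetworks/vnet-hub",
   "policyDefinitionName": "audit-ddos-protection-standard", "complianceState": "Compliant"},
  {"resourceId": "/subscriptions/<sub>/resourceGroups/rg-app/providers/Microsoft.Compute/virtualMachines/vm-web-01",
   "policyDefinitionName": "audit-placeholder-unmapped", "complianceState": "NonCompliant"}
]"""


def load_states(raw_json: str) -> List[dict]:
    """Parse the JSON array produced by `az policy state list -o json`."""
    return json.loads(raw_json)


def summarize_by_control(states: List[dict], mapping: Dict[str, str] = POLICY_TO_CONTROL
                         ) -> Tuple[Dict[str, dict], List[str]]:
    """Group compliance states by control.

    Returns (summary, unmapped): summary maps a control to counts plus the list of
    non-compliant resource IDs; unmapped lists policy names with no control mapping,
    which a reviewer should resolve rather than silently ignore.
    """
    summary: Dict[str, dict] = defaultdict(
        lambda: {"compliant": 0, "non_compliant": 0, "other": 0, "non_compliant_resources": []}
    )
    unmapped = set()
    for state in states:
        control = mapping.get(state["policyDefinitionName"])
        if control is None:
            unmapped.add(state["policyDefinitionName"])
            continue
        bucket = summary[control]
        compliance = state.get("complianceState")
        if compliance == "NonCompliant":
            bucket["non_compliant"] += 1
            bucket["non_compliant_resources"].append(state["resourceId"])
        elif compliance == "Compliant":
            bucket["compliant"] += 1
        else:  # e.g. Conflict or Exempt: counted separately, never as a pass
            bucket["other"] += 1
    return dict(summary), sorted(unmapped)


def format_report(summary: Dict[str, dict], unmapped: List[str]) -> str:
    """Render a text report, listing controls with findings first."""
    lines = []
    ordered = sorted(summary.items(), key=lambda kv: (-kv[1]["non_compliant"], kv[0]))
    for control, counts in ordered:
        lines.append(f"{control}: {counts['non_compliant']} non-compliant, "
                     f"{counts['compliant']} compliant, {counts['other']} other")
        for resource_id in counts["non_compliant_resources"]:
            lines.append(f"    {resource_id}")
    if unmapped:
        lines.append("Policies without a control mapping: " + ", ".join(unmapped))
    return "\n".join(lines)


if __name__ == "__main__":
    print(format_report(*summarize_by_control(load_states(SAMPLE_STATES_JSON))))
```

To run it against a real subscription, replace `SAMPLE_STATES_JSON` with the output of `az policy state list -o json` and fill `POLICY_TO_CONTROL` from the blueprint's control mapping; states other than Compliant and NonCompliant are counted separately so that an exemption or conflict is never mistaken for a pass.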

At Microsoft, we will continue this commitment to helping our customers leverage Azure in a secure and compliant manner. Over the next few months we plan to release more new built-in blueprints for HITRUST, FedRAMP, NIST SP 800-171, the Center for Internet Security (CIS) Benchmark, and other standards.

If you would like to participate in any early previews, please sign up. In addition, learn more about the Azure NIST SP 800-53 R4 blueprint.

Source: Azure

Introducing Azure Dedicated Host

We are excited to announce the preview of Azure Dedicated Host, a new Azure service that enables you to run your organization’s Linux and Windows virtual machines on single-tenant physical servers. Azure Dedicated Hosts provide you with visibility and control to help address corporate compliance and regulatory requirements. We are extending Azure Hybrid Benefit to Azure Dedicated Hosts, so you can save money by using on-premises Windows Server and SQL Server licenses with Software Assurance or qualifying subscription licenses. Azure Dedicated Host is in preview in most Azure regions starting today.

You can use the Azure portal to create an Azure Dedicated Host, host groups (a collection of hosts), and to assign Azure Virtual Machines to hosts during the virtual machine (VM) creation process. 

Visibility and control

Azure Dedicated Hosts can help address compliance requirements organizations may have in terms of physical security, data integrity, and monitoring. This is accomplished by giving you the ability to place Azure VMs on a specific and dedicated physical server. This offering also meets the needs of IT organizations seeking host-level isolation.

Azure Dedicated Hosts provide visibility over the server infrastructure running your Azure Virtual Machines. They allow you to gain further control over:

The underlying hardware infrastructure (host type)
Processor brand, capabilities, and more 
Number of cores
Type and size of the Azure Virtual Machines you want to deploy

You can mix and match different Azure Virtual Machine sizes within the same virtual machine series on a given host.

With an Azure Dedicated Host, you can control all host-level platform maintenance initiated by Azure (e.g., host OS updates). An Azure Dedicated Host gives you the option to defer host maintenance operations and apply them within a defined maintenance window of 35 days. During this self-maintenance window, you can apply maintenance to your hosts at your convenience, thus gaining full control over the sequence and velocity of the maintenance process.

Licensing cost savings

We now offer Azure Hybrid Benefit for Windows Server and SQL Server on Azure Dedicated Hosts, making it the most cost-effective dedicated cloud service for Microsoft workloads.

Azure Hybrid Benefit allows you to use existing Windows Server and SQL Server licenses with Software Assurance, or qualifying subscription licenses, to pay a reduced rate on Azure services. Learn more by referring to the Azure Hybrid Benefit FAQ.

We are also expanding Azure Hybrid Benefit so you can take advantage of unlimited virtualization for Windows Server and SQL Server with Azure Dedicated Hosts. Customers with Windows Server Datacenter licenses and Software Assurance can use unlimited virtualization rights in Azure Dedicated Hosts. In other words, you can deploy as many Windows Server virtual machines as you like on the host, subject only to the physical capacity of the underlying server. Similarly, customers with SQL Server Enterprise Edition licenses and Software Assurance can use unlimited virtualization rights for SQL Server on their Azure Dedicated Hosts.

Consistent with other Azure services, customers will get free Extended Security Updates for Windows Server 2008/R2 and SQL Server 2008/R2 on Azure Dedicated Host. Learn more about how to prepare for SQL Server and Windows Server 2008 end of support.

Azure Dedicated Hosts allow you to use other existing software licenses, such as SUSE or Red Hat Linux. Check with your vendors for detailed license terms.

With the introduction of Azure Dedicated Hosts, we’re updating the outsourcing terms for Microsoft on-premises licenses to clarify the distinction between on-premises/traditional outsourcing and cloud services. For more details about these changes, read the blog “Updated Microsoft licensing terms for dedicated hosted cloud services.” If you have any additional questions, please reach out to your Microsoft account team or partner.

Getting started

The preview is available now. Get started with your first Azure Dedicated Host.

You can deploy Azure Dedicated Hosts with an ARM template or using CLI, PowerShell, and the Azure portal. For a more detailed overview, please refer to our website and the documentation for both Windows and Linux.
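The portal flow described earlier (host group, then host, then a VM assigned to that host) can also be scripted. The following added example, which is not a Microsoft script, does it with the Azure CLI: it creates a host group and a Dsv3-series dedicated host, then places a Windows Server VM on that host with Azure Hybrid Benefit enabled via `--license-type Windows_Server`. The resource group, region, names, host SKU (`DSv3-Type1`) and VM image are assumptions; with `DRY_RUN=1` (the default) it only prints the commands it would run, so you can review them before executing against a subscription.

```shell
#!/bin/sh
# Added example (not Microsoft's own tooling): create a dedicated host group,
# a dedicated host, and a VM pinned to that host with the Azure CLI.
# All names, the region, the host SKU and the VM image are assumptions.
set -eu

RG="${RG:-rg-dedicated-demo}"           # resource group (assumed to exist)
LOCATION="${LOCATION:-eastus}"
HOST_GROUP="${HOST_GROUP:-hg-demo}"
HOST_NAME="${HOST_NAME:-host-01}"
HOST_SKU="${HOST_SKU:-DSv3-Type1}"      # Dsv3-series dedicated host SKU (assumption)
VM_NAME="${VM_NAME:-vm-web-01}"
VM_SIZE="${VM_SIZE:-Standard_D4s_v3}"   # any size from the host's series fits, capacity permitting
VM_IMAGE="${VM_IMAGE:-Win2019Datacenter}"
DRY_RUN="${DRY_RUN:-1}"                 # 1 = print commands only; 0 = execute them

# Print the command in dry-run mode, otherwise execute it.
run() {
    if [ "$DRY_RUN" = "1" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# Subscription id: a placeholder in dry-run mode, the real one otherwise.
subscription_id() {
    if [ "$DRY_RUN" = "1" ]; then
        printf '%s' "00000000-0000-0000-0000-000000000000"
    else
        az account show --query id -o tsv
    fi
}

# Build the ARM resource id of a dedicated host: subscription, resource group, host group, host.
host_id() {
    printf '/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Compute/hostGroups/%s/hosts/%s' \
        "$1" "$2" "$3" "$4"
}

# Step 1: a host group is the container hosts are created in.
create_host_group() {
    run az vm host group create --resource-group "$RG" --name "$HOST_GROUP" \
        --location "$LOCATION" --platform-fault-domain-count 1
}

# Step 2: the physical host, chosen by SKU (which fixes the VM series it can run).
create_host() {
    run az vm host create --resource-group "$RG" --host-group "$HOST_GROUP" \
        --name "$HOST_NAME" --location "$LOCATION" --sku "$HOST_SKU" --platform-fault-domain 0
}

# Step 3: place the VM on that host; --license-type applies Azure Hybrid Benefit.
create_vm() {
    run az vm create --resource-group "$RG" --name "$VM_NAME" --location "$LOCATION" \
        --size "$VM_SIZE" --image "$VM_IMAGE" \
        --admin-username azureuser --admin-password "${ADMIN_PASSWORD:-<set ADMIN_PASSWORD>}" \
        --host "$(host_id "$(subscription_id)" "$RG" "$HOST_GROUP" "$HOST_NAME")" \
        --license-type Windows_Server
}

deploy_dedicated_host() {
    create_host_group
    create_host
    create_vm
}

deploy_dedicated_host
```

Run it once with the default `DRY_RUN=1` to inspect the three commands, then with `DRY_RUN=0` and `ADMIN_PASSWORD` set to create the resources; the host id passed to `--host` is what binds the VM to the single-tenant server.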

Frequently asked questions

Q: Which Azure Virtual Machines can I run on Azure Dedicated Host?

A: During the preview period you will be able to deploy Dsv3 and Esv3 Azure Virtual Machine series. Support for Fsv2 virtual machines is coming soon. Any virtual machine size from a given virtual machine series can be deployed on an Azure Dedicated Host instance, subject to the physical capacity of the host. For additional information please refer to the documentation.

Q: Which Azure Disk Storage solutions are available to Azure Virtual Machines running on an Azure Dedicated Host?

A: Azure Standard HDDs, Standard SSDs, and Premium SSDs are all supported during the preview program. Learn more about Azure Disk Storage.

Q: Where can I find pricing and more details about the new Azure Dedicated Host service?

A: You can find more details about the new Azure Dedicated Host service on our pricing page.

Q: Can I use Azure Hybrid Benefit for Windows Server/SQL Server licenses with my Azure Dedicated Host?

A: Yes, you can lower your costs by taking advantage of Azure Hybrid Benefit for your existing Windows Server and SQL Server licenses with Software Assurance or qualifying subscription licenses. With Windows Server Datacenter and SQL Server Enterprise Editions, you get unlimited virtualization when you license the entire host and use Azure Hybrid Benefit. As a result, you can deploy as many Windows Server virtual machines as you like on the host, subject to the physical capacity of the underlying server. All Windows Server and SQL Server workloads in Azure Dedicated Hosts are also eligible for free Extended Security Updates for Windows Server and SQL Server 2008/R2.

Q: Can I use my Windows Server/SQL Server licenses with dedicated cloud services?

A: In order to make software licenses consistent across multitenant and dedicated cloud services, we are updating licensing terms for Windows Server, SQL Server, and other Microsoft software products for dedicated cloud services. Beginning October 1, 2019, new licenses purchased without Software Assurance and mobility rights cannot be used in dedicated hosting environments in Azure and certain other cloud service providers. This is consistent with our policy for multitenant hosting environments. However, SQL Server licenses with Software Assurance can continue to use their licenses on dedicated hosts with any cloud service provider via License Mobility, even if licenses were purchased after October 1, 2019. Customers may use on-premises licenses purchased before October 1, 2019 on dedicated cloud services. For more details regarding licensing, please read the blog “Updated Microsoft licensing terms for dedicated hosted cloud services.”

For additional information, please refer to the Azure Dedicated Host website and the Azure Hybrid Benefit page.

Source: Azure

Moving your VMware resources to Azure is easier than ever

Back in April we announced the Azure VMware Solution to deliver a comprehensive VMware environment allowing you to run native VMware-based workloads on Azure. It’s a fully managed platform as a service (PaaS) that includes vSphere, vCenter, vSAN, NSX-T, and corresponding tools.

The VMware environment runs natively on Azure’s bare metal infrastructure, so there’s no nested virtualization and you can continue using your existing VMware tools. There’s no need to worry about operating, scaling, or patching the VMware physical infrastructure or re-platforming your virtual machines. The other benefit of this solution is that you can stretch your on-premises subnets into Azure. It’s like connecting another location to your VMware environment, only that location happens to be in Azure.

We’ve recently published a new episode of Microsoft Mechanics featuring Markus Hain, Senior Program Manager from the Azure engineering team. In this episode, Markus walks through the experience of coming from an on-premises VMware vSphere environment, provisioning an Azure VMware Solution private cloud, getting both environments to communicate, and what you can do once the service is up and running.

Beyond building out and configuring the environment, Markus explains how the hybrid networking works to connect VMware sites and how the service translates bidirectional traffic between virtual networks used in Azure with virtual LANs (VLANs) used in VMware.

Once the services are running, it’s easy to vMotion as you normally would between VMware sites. We show a simple vMotion migration to move virtual machine workloads into Azure. As your VMware workloads start to run in Azure you can take advantage of integrating Azure services seamlessly to existing VMware workloads. For example, your developers can create new VMware virtual machines inside the Azure portal leveraging the same VMware templates from the on-premises environment, and ultimately running those virtual machines in your VMware private cloud in Azure.

Virtual machines created in the Azure portal will be visible, accessible, and run in the VMware vSphere environment. You have the flexibility to manage those resources as you normally would in vSphere, Azure, or both. The environments are deeply integrated at the API level to ensure that what you see in either experience is synchronized. This enables hybrid management, as well as allowing your developers to manage both Azure and VMware resources using a single Azure Resource Manager template.

What’s more, you can monitor those virtual machines like you would Azure infrastructure as a service (IaaS) virtual machines and connect them to the broad set of resources across data, compute, networking, storage, and more. In fact, Markus shows how you can configure an application gateway running in Azure to load balance inbound traffic to your virtual machines running in the Azure VMware Solution. Since this is a truly hybrid and deeply integrated set of services, there’s really no limit to how you architect your apps and solutions, and like a native cloud service, you can benefit from the elasticity of the number of VMware nodes you’ll need to match seasonal or otherwise variable demand.

Right now, the Azure VMware Solution by CloudSimple is available in East US and West US regions. Western Europe is coming next, and we’ll add more regions over the coming months. To get started, just search for “vmware” while signed into the Azure portal and provision the service, nodes, and virtual machines. You’ll then be on your way to running your own private cloud in Azure!

For more information, check out our Azure VMware Solution site.

Source: Azure