Kategorie: Microsoft Azure

Azure Media Services: The latest Video Indexer updates from NAB Show 2019

After sweeping up multiple awards with the general availability release of Azure Media Services’ Video Indexer, including the 2018 IABM for innovation in content management and the prestigious Peter Wayne award, the team has remained focused on building a wealth of new features and models to allow any organization with a large archive of media content to unlock insights from their content; and use those insights improve searchability, enable new user scenarios and accessibility, and open new monetization opportunities.

At NAB Show 2019, we are proud to announce a wealth of new enhancements to Video indexer’s models and experiences, including:

A new AI-based editor that allows you to create new content from existing media within minutes
Enhancements to our custom people recognition, including central management of models and the ability to train models from images
Language model training based on transcript edits, allowing you to effectively improve your language model to include your industry-specific terms
New scene segmentation model (preview)
New ending rolling credits detection models
Availability in 9 different regions worldwide
ISO 27001, ISO 27018, SOC 1,2,3, HiTRUST, FedRAMP, HIPAA, and PCI certifications
Ability to take your data and trained models with you when moving from trial to paid Video Indexer account

More about all of those great additions in this blog.

In addition, we have exciting news for customers who are using our live streaming platform for ingesting live feeds, transcoding, and dynamically packaging and encrypting it for delivery via industry-standard protocols like HLS and MPEG-DASH. Live transcriptions is a new feature in our v3 APIs, wherein you can enhance the streams delivered to your viewers with machine-generate text that is transcribed from spoken words in the video stream. This text will initially be only delivered as IMSC1.1 compatible TTML packaged in MPEG-4 Part 30 (ISO/IEC 14496-30) fragments, which can be played back via a new build of Azure Media Player. More information on this feature, and the private preview program, is available in the documentation, “Live transricption with Azure Media Services v3.”

We are also announcing two more private preview programs for multi-language transcription and animation detection, where selected customers will be able to influence the models and experiences around them. Come talk to us at NAB Show or contact your account manager to request to be added to these exciting programs!

Extracting fresh content from your media archive has never been easier

One of the ways to use deep insights from media files is to create new media from existing content. This can be to create movie highlights for trailers, use old clips of videos in news casts, create shorter content for social media, or for any other business need.

In order to facilitate this scenario with just a few clicks, we created an AI-based editor that enables you to find the right media content, locate the parts that you’re interested in, and use those to create an entirely new video, using the metadata generated by Video Indexer. Once you’re happy with the result, it can be rendered and downloaded from Video Indexer and used in your own editing applications or downstream workflows.

All these capabilities are also available through our updated REST API. This means that you can write code that creates clips automatically based on insights. The new editor API calls are currently open to public preview.

Want to give the new AI-based editor a try? Simply go to one of your indexed media files and click the “Open in editor” button to start creating new content.

More intuitive model customization and management

Video Indexer comes with a rich set of out-of-the-box models so you can upload your content and get insights immediately. However, AI technology always gets more accurate when you customize it to the specific content it’s employed for. Therefore, Video Indexer provides simple customization capabilities for selected models. One such customization is the ability to add custom persons models to the over 1 million celebrities that Video Indexer can currently identify out-of-the-box. This customization capability already existed in the form of training “unknown” people in the content of a video, but we received multiple customer requests to enhance it even more – so we did!

To accommodate an easy customization process for persons models, we added a central people recognition management page that allows you to create multiple custom persons models per account, each of which can hold up to 1 million different entries. From this location you can create new models, add new people to existing models, review, rename, and delete them if needed. On top of that, you can now train models based on your static images even before you have uploaded the first video to your account. Organizations that already have an archive of people images can now use those archives to pre-train their models. It’s as simple as dragging and dropping the relevant images to the person name, or submitting them via the Video Indexer REST API (currently in preview).

What to learn more? Read about our advanced custom face recognition options.

Another important customization is the ability to train language models to your organization’s terminologies or industry specific vocabulary. To allow you to improve the transcription for your organization faster, Video Indexer now automatically collects transcript edits done manually into a new entry in the specific language model you use. All you need to do then, is click the “Train” button to add those to your own customized model. The idea is to create a feedback loop where organizations begin with a base out-of-the-box language model and improve the accuracy of it through manual edits over a period of time until it aligns to their specific industry vertical vocabulary and terms.

New additions to the Video Indexer pipeline

One of the primary benefits of Video Indexer is having one pipeline that orchestrates multiple insights from different channels into one timeline. We regularly work to enrich this pipeline with additional insights.

One of the latest additions to Video Indexer’s set of insights is the ability to segment the video by semantic scenes (currently in preview) based on visual cues. Semantic scenes add another level of granularity to the existing shot detection and keyframes extraction models in Video Indexer and aim to depict a single event composed of a series of consecutive shots which are semantically related.

Scenes can be used to group together a set of insights and refer to them as insights of the same context in order to deduct a more complex meaning from them. For example, if a scene includes an airplane, a runway, and luggage, the customer can build logic that deducts that it is happening in an airport. Scenes can also be used as a unit to be extracted as a clip from a full video.

Another cool addition to Video Indexer is the ability to identify ending rolling credits of a movie or a TV show. This can come in handy for a broadcasters in order to identify when their viewers completed watching the video and in order to identify the right moment to recommend the new show or movie to watch before losing the audience.

Video Indexer runs on trust (and in more regions)

As Video Indexer is part of the Azure Media Services family and is built to serve organizations of all sizes and industries, it is critical to us to help our customers meet their compliance obligations across regulated industries and markets worldwide. As part of that effort, we are excited to announce that Video Indexer is now ISO 27001, ISO 27018, SOC 1,2,3, HIPAA, FedRAMP, PCI, and HITRUST certified. Learn more about the most current certifications status of Video Indexer and all other Azure services.

Additionally, we increased our service availability around the world and are now deployed to 9 regions for your convenience. Available regions now include East US, East US 2, South Central US, West US 2, North Europe, West Europe, Southeast Asia, East Asia, and Australia East. More regions are coming online soon, so stay tuned. You can always find the latest regional availability of Video Indexer by visiting the products by region page.

Video Indexer continues to be fully available for trial on East US. This allows organizations to evaluate the full Video Indexer functionality on their own data before creating a paid account using their own Azure subscription. Once organizations decide to move to their Azure subscription, they can copy all of the videos and model customizations that they created on their trial account by simply checking the relevant check box in the content of the account creation wizard.

Want to be the first to try out our newest capabilities?

Today, we are excited to announce three private preview programs for features that we have been asked for by many different customers.

Live transcription – the ability to stream a live event, where spoken words in the audio is transcribed to text and delivered along with video and audio.

Mixed languages transcription – The ability to automatically identify multiple spoken languages in one video file and to create a mixed language transcription for that file.

Animation characters detection – The ability to identify characters in animated content as if they were real live people!

We will be selecting a set of customers out of a list of those who would like to be our design partners for these new capabilities. Selected customers will be able to highly influence these new capabilities and get models that are highly tuned to their data and organizational flows. Want to be a part of this? Come visit us at NAB Show or contact your account manager for more details!

Visit us at NAB Show 2019

If you are attending NAB Show 2019, please stop by booth #SL6716 to see the latest Azure Media Services innovations! We’d love to meet you, learn more about what you’re building, and walk you through the different innovations Azure Media Services and our partners are releasing at NAB Show. We will also have product presentations in the booth throughout the show.

Have questions or feedback? We would love to hear from you! Use our UserVoice to help us prioritize features, or email VISupport@Microsoft.com for any questions.
Quelle: Azure

Welcome to NAB Show 2019 from Microsoft Azure!

Putting the intelligent cloud to work for content creators, owners and storytellers.

Stories entertain us, make us laugh and cry, and are the lens through which we perceive our world. In that world, increasingly overloaded with information, they catch our attention and, if they catch our hearts, we engage. This makes stories powerful, and it’s why so many large technology companies are investing heavily in content – creating it and selling it.

At Microsoft, we’re not in the business of content creation.

Why? Our mission is to help every person and organization on the planet achieve more. So instead of creating or owning content, we want to provide platforms to help content creators and owners achieve more – from the Intelligent Cloud to the Intelligent Edge, with industry leading artificial intelligence (AI). We’re excited to see that mission come to life through customers such as Endemol Shine, Multichoice, RTL, Ericsson and partners like Avid, Akamai, Haivision, Pipeline FX and Verizon Digital Media Services. And we are excited to announce new Azure rendering, Azure Media Services, Video Indexer and Azure Networking capabilities to help you achieve more at NAB Show 2019. Cue scene.

Fix it in post: higher resolution, less time.

The arrival of HD led to an explosion of digital content. Today, not satisfied with even 4K resolution, the industry is moving inexorably toward 8K and beyond. With burgeoning immersive storytelling driving 360-degree / 3D content, high frame-rate, innumerable episodic and unscripted shows on fast release cycles and ever-more visually stunning cinematic features, data volumes are increasing exponentially.

Microsoft Azure stands ready with the storage acceleration and capacity to accept your most expansive projects. The new Azure FXT Edge Filer caching appliance delivers higher scalability and performance than ever before, with high-speed memory, SSD and support for Azure Blob storage. It’s a great fit for high-throughput, low-latency applications such as rendering where you need ultra-fast connections between on-premises storage and cloud compute capacity. We believe our Edge Filer appliances are a major differentiator for customers, and they agree – Avere vFXT for Azure has enabled visual effects studio Mr. X to recently render a feature-length film in Azure.

Azure FXT Edge Filer

And speaking of rendering, our new Azure Render Farm Manager Portal preview makes it much faster and easier for customers to set up hybrid or cloud-only rendering environments in Azure, including networking setup and Azure storage options, with support for commonly used render farm managers such as PipelineFX Qube.

Whether it’s rendering, visual effects or editing, we offer the price and performance combination you need. And, watch this space and Avid’s newsroom for exciting announcements from Avid Connect 2019 regarding how we’re partnering to ingest, manage, edit and create content in the cloud.

Got content? Get storage. Add AI.

Your petabytes of content + our Azure Data Box or Data Boxy Heavy (in preview) = secure, enterprise-grade, cost-effective ingest at scale. Just getting off a shoot and have 10’s of terabytes? Meet Data Box Disk. The same benefits in a portable form-factor for smaller content stores. For those on set there is Data Box Edge, which can pre-process media (e.g., remove blank footage) and efficiently transfer it to the cloud through partners such as Dejero or a private high-bandwidth connection with Azure ExpressRoute Direct 100Gbps. We are also making our global network available to you – through Azure ExpressRoute Global Reach, which lets you effectively build your WAN on the Azure backbone. ExpressRoute Direct 100Gbps and Global Reach will be generally available as of NAB.

Once in the cloud, you can use Video Indexer’s award-winning AI capabilities to efficiently extract deep insights. Just in time for NAB, we’ve added an AI-based editor to help you generate fresh content in minutes, improved custom face and language models and additional certifications from ISO 27001 to FedRAMP. These new capabilities, and many more, easily integrate with your existing MAMs and can be used with any application to increase accessibility or create new OTT and monetization experiences.

Video Indexer (VI) is part of Azure Media Services (AMS), our hyper-scale, enterprise grade, productive media workflow solution. From ingest and transcoding to packaging and distribution, AMS – and our partners – have you covered. You can learn more about AMS, VI and our new private previews for animation, multi-language transcription and live transcriptions here.

Video Indexer

Stream more content, more easily, to increasingly global audiences

Increasing audiences, form factors and globalization mean video workflows that are becoming more and more complex. Our partners are hard at work making this easier for you, and here are a few of the key announcements:

Akamai will directly connect its edge network with Azure through ExpressRoute to give customers higher performance and more predictable costs. It also plans to enhance the delivery of live and on-demand workflows with Azure Media Services and our mutual partners.
Verizon Digital Media Services is delivering an enterprise-grade streaming platform on Microsoft Azure to enhance video workflows.
Haivision’s new media routing cloud service, SRTHub, will help broadcasters more securely and reliably transport live video globally. SRTHub, built on Azure, will also streamline workflow orchestration using an open ecosystem of Hublets from industry-leading partners including Avid, Wowza and Epic Labs.
Telestream will bring its industry leading transcoding solution to Azure.

Delivering high-quality and highly available content and applications requires globally-scalable network solutions. To enable our customers to accelerate and deliver superior global applications, we’re announcing the GA of the Azure Front Door Service (AFD). AFD provides a global single point-of-entry that delivers optimized user experiences for web applications. AFD also includes an integrated web application firewall (WAF) and DDoS protection for securing those applications at the network edge.  

The next frontier

At NAB we’re showcasing how partners such as Zone TV and Nexx.TV are using Microsoft AI and Azure Cognitive Services to create more personalized content and improve monetization of existing media assets.  Stay tuned for more in this space as we work across Microsoft to put our data – and insights – to work for you.

Visit us at NAB Show 2019 – booth #SL6716 – to learn more, meet with the team and see what our partners have to offer. I hope to see you there – or out there in the real world – and look forward to hearing how we can put Azure to work for you.
Quelle: Azure

Azure Front Door Service is now generally available

Every internet facing web application, whether serving a large audience or a small set of users in a single region, is by default a global application.  Whether you are running a large news website with millions of users across the globe, running a B2B application for managing your sales channels or a local pastry shop in a city – your users are distributed/roaming across multiple locations, or your application demands deployment into multiple locations for high availability or disaster recovery scenarios.  As a global application, your distributed users and/or application deployments place demands on you to maximize performance for your end users and ensure the application is always-on across failures and attacks.

Today I am excited to announce the general availability of Azure Front Door Service (AFD) which we launched in preview last year – a scalable and secure entry point for fast delivery of your global applications. AFD is your one stop solution for your global website/application and provides:

Application and API acceleration with anycast and using Microsoft’s massive private global network to directly connect to your Azure deployed backends means your app runs with lower latency and higher throughput to your end users.
Global HTTP load balancing enables you to build your application resiliently across regions, fail-over instantly and offer your users an “always-on” web site availability experience either at a domain or microservice (URL path) level. 
SSL offload at a massive scale enables you to maintain security and scale to a rapidly growing or expanding user base, all while reducing latency.
WAF @ Edge offering application security against DDoS attacks or malicious users at the edge providing protection at scale without sacrificing on performance.

Built atop Microsoft’s massive global network, Azure Front Door currently supports Microsoft’s biggest web workloads deliver high quality, highly performant services. Global brands such as Bing, Office 365, Xbox Live, MSN, LinkedIn and Azure DevOps leverage AFD’s competitive performance, enterprise grade reliability and massive scalability to deliver consistent, low latency, high throughput user and application experiences. Today AFD provides global coverage in over 35 countries across 65 metros and quickly growing.

Figure 1: Azure Front Door’s global footprint and Microsoft's Network

Use case scenarios

Customers come to AFD today focused on their core business needs to improve performance, scale their application, enable instant failover, or enable complex application architectures like IaaS and PaaS, on-prem + cloud, or multi-cloud hybrid experiences.  AFD can be quickly and easily integrated into your application’s existing or new architecture and starts working out of the box.  Adding AFD in front of your application or API also enables your customers to gain the benefit of our constant improvements and optimizations to at the edge such as TCP Fast Open, WAN optimizations and improvements to SSL such as SSL session resumption.   This means your users get optimized connectivity experiences day 1 with Front Door.

Below is a sample reference architecture outlining how an application can be designed for improved page load times, SSL offload and API routing. AFD runs at the Edge of Microsoft’s global network, performing TCP and SSL terminations close to end user, thereby improving performance of client access to applications.  Traffic from AFD instances running at the Edge to application backends is routed on Microsoft’s private global network providing high reliability and optimized routing to the destination.

“The TCP and TLS optimizations from Azure Front Door along with their global edge footprint is perfect for our high-volume services”
– Ravi Krishnaswamy, CTO

“Azure Front Door Service allows us to manage our costs in a predictable way whilst ensuring performance for our end users”
– Colin Farrelly, DevOps SME

Figure 2: Sample architecture for accelerated and scalable web application

Another core Azure Front Door use case for building highly scalable apps is utilizing AFD’s smart load balancing algorithm to route traffic to the fastest available backend. Unlike the typical DNS-based load balancing systems, Azure Front Door delivers near instant failover across your application backends and with more granular control to even failover specific microservices. Our smart and efficient load balancing algorithms support both active-active as well as active-passive deployment configurations.

Figure 3: Sample architecture of an always-on web application

Azure Front Door Service is now generally available, providing a 99.99 percent availability SLA and a myriad of features including SSL offload, URL redirect and rewrite, HTTP/2, IPv6 support, session affinity, simple domain onboarding with free or custom SSL certs, caching, and much more. You can also read about the AFD WAF Preview which is also available now as well! Azure Front Door’s GA pricing goes into effect on May 1, 2019. Until then, you will continue to be billed based on the preview pricing.

Get started

Get started with the Azure Front Door Service today! To learn more about the service and the various features, refer to AFD documentation. If you are interested in exploring capabilities beyond the standard offering, simply file a feature request on our UserVoice page or feel free to contact us at afdfeedback@microsoft.com.
Quelle: Azure

Fast and optimized connectivity and delivery solutions on Azure

Azure Front Door, ExpressRoute Direct and Global Reach now generally available

Today I’m excited to announce the availability of innovative and industry leading Azure services that will help the attendees of NAB realize their future vision to deliver for their audiences – Azure Front Door Service (AFD), ExpressRoute Direct and Global Reach, as well as some cool new additions to both AFD and our Content Delivery Network (CDN).

This coming week, Microsoft will be at NAB Show 2019 in Las Vegas, bringing together an industry centered centered on the ablity to deliver richer content experiences or audienes around  the word..  The media and entertainment industry will gather together for an in-depth view of the current, as well as the future of media technology and innovation, showcasing new and innovative cloud services to optimize and scale rich content experiences.

Bringing the media industry to the cloud has a tremendous impact on the entire content workflow; from production, post, delivery and IT operations, cloud services enable companies to scale their ability to innovate, create, and bring more content to market. This transformation however starts somewhere else; it starts with the most critical piece, which is the users or consumers of services.

Fig. 1 Sample architecture of media content ingestion to delivery

With the ever-increasing granularity of data, quality, volume and size of content consumed by an enormous number of users and devices, new customer needs and demands are emerging, and we recognize the massive amount of options and choices available to our customers today.   Shouldered on top of Microsoft’s global network, Azure seeks to provide the fastest and most optimized connectivity and delivery options to our customers for all parts of the media production and delivery workflow. 

Last year, driven by customers’ demand and their passion for pushing more data to Azure, we launched ExpressRoute Direct into preview in the fall of last year. Now generally available, ExpressRoute Direct provides 100 Gbps connectivity, which is the first service of its scale in public cloud and focuses on core scenarios around large data-ingestion, R&D, media services, graphics and the like.

Similarly, and also generally available today, we announced ExpressRoute Global Reach, extending the use of ExpressRoute from on-premises or from your corporate datacenter to Azure, to now also provide connectivity between on-premises sites, using the Microsoft Global network. Building new or extending existing ExpressRoute solutions with Direct and Global Reach, is a fast and flexible way to support multi-site collaboration centered around services, data and content stored in Azure. It is also a new option to compliment your existing connectivity/WAN/MPLS provider as a backup solution or provide the primary path where your service provider may not have the reach to deliver services locally.

At the same time, driven by our customers’ needs to drive rich, online application experiences, we launched the Azure Front Door Service into preview. Now generally available, Azure Front Door extends use of the global service that enables Microsoft’s global brands like Office 365, Bing, Teams, Azure DevOps and Xbox to build high performance, high availability, secure web applications. Now with Web Application Firewall (WAF) capabilities in public preview, Azure Front Door accelerates and secures your applications at the edge of Microsoft’s Global network.

 

“Electrolux is a global conglomerate of brands, selling more than 60 million products across 150 markets. Azure Front Door has enabled us to easily scale our service architecture and APIs to all our global developers and partners in the Wellbeing category.

It took us 10 minutes to set up global routing for our API services, using custom domains and own SSL certs.”

Andreas Larsson, Director of Engineering – Software Products

 

These new, innovative services enable you to quickly accelerate and optimize your end-to-end workflow in Azure.  Get started with these new services and the rest of Azure’s networking portfolio today and look for more new services coming soon. I encourage you to watch our newest video on hybrid networking options with Azure, as well as additional details and links to resources.

Watch the video, "Hybrid networking in Microsoft Azure" for an architectural overview and demo of hybrid connectivity options in Azure.

Putting a rich platform of infra and app services on top of a world-class global network (WAN) with the ability to connect, ingest, store and collaborate across shared data and content assets, makes a premiere toolbox for building and delivery modern applications and content.

Azure Front Door Service (AFD) the newest member of our application delivery portfolio, is now generally available. Since we launched this sophisticated tool in preview to customers last year, the interest and feedback have been amazing.

AFD enables customers to build applications that are truly global by ensuring fast, always-on and secure delivery of your web applications to services inside or outside of Azure. It provides a one stop solution for website acceleration, global HTTP/HTTPS load balancing, API fronting, SSL offload and now also WAF running at the edge of Microsoft’s global network. Improving customers’ application experiences and quality with Azure Front Door can dramatically influence end user behavior.  

Today in preview, we are enabling a new and fully integrated web application firewall (WAF) with Azure Front Door. WAF at the edge, gives customers total control on access to media and applications. Customers can protect their web application from multiple attack vectors such as volumetric denial of service and targeted application exploits, by inspecting each incoming request at Azure’s network edge before they reach their service’s region.

WAF with Azure Front Door enables tuning access to web application using both custom rules in addition to turning on a collection of security rules, managed by Microsoft, against common web application vulnerabilities. We also allow a centralized security policy management that instantaneously propagating any changes you make to all the Front Door edges.

Launching AFD to enable our customers to build world-class web applications, is another great example of an enterprise grade service, battle-tested by years of constant support to Microsoft’s biggest businesses like Bing, Office 365, Xbox Live, MSN, and Azure DevOps, proving its mettle to deal with massive scale and high availability for business-critical applications. Get started with Azure Front Door Service for commerce sites, API routing, global websites, cloud migration scenarios. Learn more about the AFD announcement.

 

Azure CDN offers a true multi-CDN experience to deliver content to global or regional audiences, featuring 3 world class networks from Microsoft, Verizon and Akamai.

The unified platform, APIs, support and billing experience enables easy, fast setup and management of multiple CDN networks all in one place. Deep integration with Azure enables optimized experiences with Azure services and provides benefits whether your content is hosted in Azure or anywhere else.  

To further meet the increasing complexity of our customers CDN needs we’re excited to announce two new features of Azure CDN; root domain support and CDN managed certificates for Azure CDN from Akamai. Through integration with Azure DNS, root domain support is available across all providers in Azure CDN via DNS Alias records. This enables products that are using their root domain for their web sites, experiences or content to deliver that content through Azure CDN. In addition, managed custom domain certificates enable Azure CDN from Akamai customers now to turn on SSL on their custom domain with few clicks. Azure CDN also completely handles certificate management tasks such as procurement and renewal. 

With these and more upcoming improvements to Azure CDN we’re enabling our customers to customize how they leverage the combined footprint of Microsoft, Verizon, and Akamai to deliver content from our 1300+ (and growing!) points of presence around the world. Find more information on these new features and Azure CDN.

Find out more about Azure’s networking services through the links below.

Networking services overview
ExpressRoute
ExpressRoute Pricing
Front Door
Front Door Pricing
Azure CDN
Azure CDN Pricing

Quelle: Azure

Event-driven Java with Spring Cloud Stream Binder for Azure Event Hubs

Spring Cloud Stream Binder for Azure Event Hubs is now generally available. It is simple to build highly scalable event-driven Java apps using Spring Cloud Stream with Event Hubs, a fully managed, real-time data ingestion service on Azure that is resilient and reliable service for any situation. This includes emergencies, thanks to its geo-disaster recovery and geo-replication features.

Spring Cloud Stream provides a binder abstraction for popular message broker implementations. It provides a flexible programming model built on already established and familiar Spring idioms and best practices, including support for persistent pub/sub semantics, consumer groups, and stateful partitions. Now, developers can use the same patterns for building Java apps with Event Hubs.

Getting started 

Check out the tutorial, “How to create a Spring Cloud Stream Binder application with Azure Event Hubs,” and build a Java-based Spring Cloud Stream Binder application using the Spring Boot Initializer with Azure Event Hubs. Go to the Azure portal and create a new Event Hubs namespace. Add the following Maven dependency into your Java project. 

<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>spring-cloud-azure-eventhubs-stream-binder</artifactId>
<version>1.1.0.RC4</version>
</dependency>

Publish messages

Use @EnableBinding(Source.class) to annotate a source class and publish messages to Event Hubs with Spring Cloud Stream patterns. You can customize the output channel for the Source with configurations.

Destination: Specify which Event Hub to connect with the output channel.
Sync/Async: Specify the mode to produce the messages.

Subscribe to messages 

Use @EnableBinding(Sink.class) to annotate a sink class and consume messages from Event Hubs. You can also customize the input channel with configurations. For the full list, please refer to the documentation, “How to create a Spring Cloud Stream Binder application with Azure Event Hubs.”

Destination: Specify an Event Hub to bind with the input channel.
Customer Group: Specify a Consumer Group to receive messages.

Try building event-driven Java apps using Spring Cloud Stream Binder for Event Hubs 

Try out a Java app using Spring Cloud Stream Binder on Azure Event Hubs and let us know what you think via email or comments below.

Additional resources

How to create a Spring Cloud Stream Binder application with Azure Event Hubs
Spring on Azure Developer Hub
Java on Azure Developer Hub
Spring Cloud for Azure 
Azure Event Hubs

Quelle: Azure

Unlock dedicated resources and enterprise features by migrating to Service Bus Premium

Azure Service Bus has been the Messaging as a Service (MaaS) option of choice for our enterprise customers. We’ve seen tremendous growth to our customer base and usage of the existing namespaces, which inspires us to bring more features to the service.

We recently expanded Azure Service Bus to support all Azure regions with Availability Zones to help our customers build more resilient solutions. We also expanded the Azure Service Bus Premium tier to more regions to enable our customers to leverage many enterprise ready features on their Azure Service Bus namespaces while also being closer to their customers.

The Azure Service Bus Premium tier is a relatively newer offering, made generally available in September 2015, that allows our customers to provision dedicated resources for their Azure Service Bus namespaces. This in turn provides reliable throughput and predictable latency, along with production and enterprise ready features at a fixed price per Messaging Unit. This is a major improvement from the Azure Service Bus Standard tier that is a multi-tenant system optimized for lower throughput systems using a pay-as-you-go model.

Our Azure Service Bus Premium tier offering has resonated well with the customers, who have been excited to get onboard to enjoy the value add that it provides. However, until now, we haven’t had a way to upgrade the existing Azure Service Bus Standard namespaces to the Premium tier. That is now about to change.

Today, we’re happy to announce tools, both on the Azure portal and via the Command Line Interface/PowerShell that enables our customers to upgrade their existing Azure Service Bus Standard namespaces to the Premium tier. This tooling will ensure that no configuration changes are required on the sender and receiver applications, while enabling our customers to adopt the best offering for their use case, with minimal downtime.

To know more about this feature and the finer details on what is happening under the hood, please read the documentation.

You can access the portal tool by clicking on the “Migrate to Premium” menu option on the left navigation pane under the Service Bus Standard namespace that you are looking to migrate.
Quelle: Azure

Announcing the Azure Functions Premium plan for enterprise serverless workloads

We are very excited to announce the Azure Functions Premium plan in preview, our newest Functions hosting model! This plan enables a suite of long requested scaling and connectivity options without compromising on event-based scale. With the Premium plan you can use pre-warmed instances to run your app with no delay after being idle, you can run on more powerful instances, and you can connect to VNETs, all while automatically scaling in response to load.

Huge thanks to everyone that participated in our private preview! Symantec Corporation and Volpara Solutions are just a few of the companies that will benefit from the new features of the Premium plan.

See below of a comparison of how the Premium plan improves on our existing dynamically scaling plan, the Consumption Plan.

Advanced scale controls enable customized deployments

Instance size can now be specified with the Premium plan. You can select up to four D-series cores and 14 GB of memory. These instances are substantially more powerful than the A-series instances available to functions using the Consumption plan, allowing you to run much more CPU or memory intensive workloads in individual invocations.

Available Instance sizes

Maximum Instances can now also be specified with the Premium plan. This is one of the most highly requested features and allows you to limit the maximum scale out of your Premium plan. Restricting max scale out can protect downstream resources from being overwhelmed by your functions and allows you to predict your maximum possible bill each month.

Minimum Instances can be specified in the Premium plan to allow you to pre-scale your application ahead of predicted demand. If you suspect an email campaign, sale, or any time gated event will cause your app to scale faster than it can replenish pre-warmed instances. You can increase your minimum instances to pre-load capacity.

We’ve built a sample Durable Function that will move any function between the Consumption and Premium plan with pre-warmed instances on a schedule, allowing you to optimize for the best cost.

Connect Functions to VNET

The Premium plan allows dynamic scaling functions to connect to a VNET and securely access resources in a private network. This feature was previously only available by running Functions in an App Service Plan or App Service Environment, and is now available in a dynamically scaling model by using the Premium plan. Read more about VNET integration.

Pre-warmed Instances let you avoid cold start

With the Functions Premium plan we are offering a solution to the delay when calling a serverless application for the first time: pre-warmed instances. This delay is commonly referred as cold start, and it’s one of the most common problems amongst serverless developers. For more details on what cold start is and why it happens please refer to the blog post, “Understanding serverless cold start.”

In the Premium plan, we offer you the ability to specify a number of pre-warmed instances that are kept warm with your code ready to execute. When your application needs to scale, it first uses a pre-warmed instance with no cold start. Your app immediately pre-warms another instance in the background to replenish the buffer of pre-warmed instances. This model allows you to avoid any delay on the execution for the first request to an idle app, and also at each scaling point.

Today we only allow one pre-warmed instance per site, but we expect to open that up to higher numbers in the following weeks.

Keeping a pool of pre-warmed instances to scale into is one of the core advantages beyond existing workarounds. Today in the Consumption plan many developers work around cold start by implementing a “pinger” to constantly ping their application to keep it warm. While this does work for the first request, apps with pingers will still experience cold start as they scale out, since the new instances pulled to run the application won’t be ready to execute the code immediately. We always keep the number of pre-warmed instances you’ve requested ready as a buffer, so you’ll never see cold-start delays so long as you’re scaling slower than we can warm up instances.

Try it out and learn more!

The Azure Functions Premium plan is available in preview today to try out! Here’s what you can do to learn more about it:

Check out how to get started with the Premium plan.
Learn how to switch functions between Consumption and Premium plans.
Sign up for an Azure free account if you don’t have one yet, and try out the Azure Functions Premium plan.
Troubleshoot with the community and file any issues you run into on our GitHub repo.
Learn more about the Premium plan and other enterprise serverless features in the Mechanics Show below:

Quelle: Azure

Extending Azure Security Center capabilities

This blog post was co-authored by Ron Matchoro, Principal Program Manager, Ronit Reger, Senior Program Manager, Miri Landau, Senior Program Manager, and Devendra Tiwari, Principal PM Manager, Azure Security Center.

As more organizations are delivering innovation faster by moving their businesses to the cloud, increased security is critically important for every industry. Azure has built-in security controls across data, applications, compute, networking, identity, threat protection, and security management so you can customize protection and integrate partner solutions. Microsoft Azure Security Center is the central hub for monitoring and protecting against related incidents within Azure. 

We love making Azure Security Center richer for our customers, and we are excited to share exciting updates this week at Hannover Messe 2019. We are excited to announce that Advanced Threat Protection for Azure Storage, the Regulatory Compliance Dashboard, Dedicated Hardware Security Module Service (HMS) in UK, Canada, and Australia, Azure disk encryption support for Virtual Machine Scale Sets (VMSS), and support for virtual machine sets are now generally available as part of Azure Security Center.

Advanced Threat Protection for Azure Storage is now generally available

Advanced Threat Protection for Azure Storage helps customers detect and respond to potential threats on their storage account as they occur. This layer of protection allows you to protect and address concerns without needing to be an expert in security. Enabling it is quick and simple. Once enabled, security alerts are triggered when suspicious activity occurs and you can view them listed in Azure Security Center. Security alerts provide details of suspicious activity that was detected and recommended actions to take to investigate and mitigate the potential threat.

The benefits of Advanced Threat Protection for Azure Storage includes:

Detection of anomalous access and data exfiltration activities.
Email alerts with actionable investigation and remediation steps.
Centralized views of alerts for the entire Azure tenant using Azure Security Center.
Easy enablement for many storage accounts using the Azure portal, Azure Policy, or Standard Azure APIs.

To learn more, refer to the documentation, “Advanced Threat Protection for Azure Storage,” or the Azure Security Center pricing page.

Regulatory compliance dashboard in Azure Security Center is generally available

We are pleased to announce that the regulatory compliance dashboard in Azure Security Center is now generally available! The dashboard helps Security Center customers streamline their compliance process by providing insight into their compliance posture for a set of supported standards and regulations.

The compliance dashboard surfaces security assessments and recommendations as they align to specific compliance requirements based on continuous assessments of your Azure and hybrid environments. The dashboard also provides actionable information for how to act on recommendations and reduce risk factors in your environment, and thus improve your overall compliance posture.

The information provided by the regulatory compliance dashboard can be very useful for providing evidence to internal and external auditors on your compliance status with the supported standards. To further facilitate this, you can now generate and download a compliance report directly from the compliance dashboard. The report can be generated for a particular supported compliance standard and depicts a high-level summary of your current compliance status with respect to that standard. In addition, you can now automate compliance processes and manage them at scale using programmatic APIs.

To learn more about regulatory compliance in Azure Security Center, visit the documentation, “Tutorial: Improve your regulatory compliance.”

Azure Security Center now supports Virtual Machine Scale Sets

Security Center can now protect your Virtual Machine Scale Sets. You can easily monitor the security posture of your VM Scale Sets with security recommendations to increase overall security, reduce vulnerabilities, and detect threats with Security Center’s advanced threat detection capabilities.

Security Center automatically discovers your VM Scales Sets and recommends that you install the monitoring agent to get better security assessments and enable events-based threat detection.

You can view the security health and recommendations of each VM scale set:

For every VM scale set instance, you can benefit from a list of recommendations such as:

Install the monitoring agent 
Remediate vulnerabilities in security configuration 
Remediate endpoint protection health failures 
Install endpoint protection solution on virtual machine scale sets
Install system updates 
Enable diagnostics logs in Virtual Machine Scale Sets’

Threat detection alerts are also available for VM scale sets instances for any VM protected by Security Center standard tier. To learn more on VM Scale Set support.

Note: Pricing of VM scale sets instances is the same as VM. For detailed information visit our pricing page.

Announcing Azure Dedicated HSM service availability in UK, Canada, and Australia regions

The Azure Dedicated Hardware Security Module (HSM) service provides cryptographic key storage in Azure and meets the most stringent customer security and compliance requirements. This service is the ideal solution for customers requiring FIPS 140-2 Level 3 validated devices and complete, exclusive control of the HSM appliance. The Dedicated HSM service uses SafeNet Luna Network HSM 7 devices from Gemalto. This device offers the highest levels of performance and cryptographic integration options and makes it simple for you to migrate HSM-protected applications to Azure. The Azure Dedicated HSM is leased on a single-tenant basis.

The Azure Dedicated HSM service was originally announced in 8 Azure public regions on November 28, 2018 and we are now pleased to announce that the service is expanded to the UK, Canada, and Australia. With this new announcement, the Dedicated HSM service is now available in 14 regions namely, East US, West US, South Central US, East US 2, Southeast Asia, East Asia, West Europe, North Europe, UK South, UK West, Canada Central, Canada East, Australia East, and Australia Southwest regions. We plan to continue expanding this service to other Azure regions.

To learn about the Dedicated HSM service availability announcement, please refer to blog post, “Announcing Azure Dedicated HSM availability.”
To learn more about the Azure Dedicated HSM service, please refer to the service documentation.
To learn about pricing and suitability of this service for your applications, please contact your Microsoft Account representative.

Announcing Azure Disk Encryption general availability for Virtual Machine Scale Sets

Today, we are excited to announce the general availability of Azure Disk Encryption (ADE) for Virtual Machine Scale Sets (VMSS). With this announcement, Azure disk encryption can be enabled for Windows and Linux Virtual Machine Scale Sets in Azure public regions. This enables customers to help protect and safeguard the Virtual Machine Scale Sets data at rest using industry standard encryption technology.

Azure Disk Encryption is a capability that helps you encrypt your Windows and Linux IaaS Virtual Machine Scale Sets disks. Disk Encryption leverages the industry standard BitLocker feature of Windows and the DM-Crypt feature of Linux to provide volume encryption of disks. The solution is integrated with Azure Key Vault to help you control and manage the disk-encryption keys and secrets. The solution also ensures that all data on the VM disks are encrypted at rest in your Azure Storage.

The solution is deployed in all Azure public regions. Additional details on supported and unsupported scenarios, interfaces, and how you can use the disk encryption technology to encrypt your Virtual Machine Scale Sets and validate your scenarios is documented below.

Supported scenarios

Virtual Machine Scale Sets encryption is supported only for scale sets created with managed disks, and not supported for native (or unmanaged) disk scale sets.
Virtual Machine Scale Sets encryption is supported for OS and Data volumes for Windows Virtual Machine Scale Sets.
Disable encryption is supported for OS and data volumes for Windows Virtual Machine Scale Sets.
Virtual Machine Scale Sets encryption is supported for data volume for Linux Virtual Machine Scale Sets. Disable encryption is supported for data volumes for Linux Virtual Machine Scale Sets.
Virtual Machine Scale Sets reimage and upgrade operations are supported.
The key vault to safeguard the encryption must be provisioned with the right access policies in the same subscription and same region as the Virtual Machine Scale Sets.

Unsupported scenarios

Virtual Machine Scale Sets encryption is not supported for scale sets created with native (or unmanaged) disk.
Virtual Machine Scale Sets encryption is not supported for OS volume for Linux Virtual Machine Scale Sets encryption.

For additional details on Azure Disk Encryption support for Virtual Machine Scale Sets, refer to the below ADE documentation:

Azure Disk encryption pre-requisites
Windows Virtual Machine Scale Sets encryption
Linux Virtual Machine Scale Sets encryption

We continue to invest in Azure Security Center where you can easily get a unified view of security across all your on-premises and cloud workloads, continuously monitor the security of your machines, networks, and Azure services, and use advanced analytics and the Microsoft Intelligent Security Graph to get an edge over evolving cyber-attacks. To try Security Center’s new capabilities, please visit the Azure Security Center homepage. As always, for any feedback or additional information contact our team at SecurityCenter@microsoft.com.

Learn how Microsoft partners are building a sustainable future at Hannover Messe 2019.
Quelle: Azure

Self-service exchange and refund for Azure Reservations

Azure Reservations provide flexibility to help meet your evolving needs. You can exchange a reservation for another reservation of the same type, and you can refund a reservation if you no longer need it.

Exchange an existing reserved instance

You start the exchange in the Azure portal with Azure Reservations.

1. Select the reservations that you want to refund and choose Exchange.

2. Select the SKU you want to purchase and provide quantity. Make sure that the new purchase total is more than the return total. Determine the right size before you purchase.

3. Review and complete the transaction.

For refunding a reservation, go to reservation details and select Refund.

How the return and exchange transactions are processed

First, Microsoft cancels the existing reservation and refunds the pro-rated amount for that reservation. If there is an exchange, the new purchase is processed. Microsoft processes refunds using one of the following methods, depending on your account type and payment method:

Refund processing for enterprise agreement customers

If the original purchase was made using a monetary commitment, then the money is added back to the monetary commitment for both exchange and refunds. Any overage invoices since the original purchase are re-opened and re-rated to make sure that the monetary commitment is used. If the monetary commitment term using the reservation was purchased and is no longer active, then credit will be added to your current enterprise agreement monetary commitment term.

If the original purchase was made as overage, we issue a credit memo.

Refund processing for pay-as-you-go customers with invoice payment method and Cloud solution provider program

The original reservation purchase invoice is cancelled and then a new invoice is created for the refund. For exchange the new invoice has both the refund and the new purchase. The refund amount is adjusted against the purchase. If you only refunded a reservation, then the prorated amount stays with Microsoft and it is adjusted against a future reservation purchase.

Refund processing for pay-as-you-go customers who use credit card payment method

The original invoice is cancelled and a new invoice is created. The money is refunded to the credit card that was used for the original purchase. If you’ve since changed your card, please contact support.

Exchange policies

You can return multiple existing reservations to purchase a new reservation of the same type. You can’t exchange reservations of one type for another. For example, you can’t return a virtual machine (VM) reservation to purchase a SQL reservation.
Only reservation order owners can process an exchange. Learn how to add or change users who can manage a reservation.
An exchange is processed as a refund and repurchased, different transactions are created for the cancellation and the new purchase. The pro-rated reservation amount is refunded for the reservations that you trade-in. You are charged fully for the new purchase. The pro-rated reservation amount is the daily pro-rated residual value of the reservation being returned.
Reservations can be exchanged or refunded even if the enterprise agreement using which the reservation was purchased has expired and has since renewed into a new enterprise agreement.
You can change any reservation property such as size, region, quantity, and term with the exchange.
The new purchase total should equal or be greater than the returned amount.
The new reservation purchased as part of exchange has a new term starting from the time of exchange.
There is no penalty or annual limits for exchanges.

Refund policies

Your total refund is subject to a maximum amount within a 12-month rolling window. To learn more, refer to our refund policies.
Only reservation order owners can process a refund. Learn how to add or change users who can manage a reservation.
Microsoft reserves the right to charge a 12 percent penalty for any returns, although the penalty is not currently charged.

Exchanging a reservation purchased for a VM size that doesn’t support premium storage for VM size that supports premium storage

In order to exchange reservations purchased from VM sizes that don’t support premium storage, to corresponding VM sizes that do support premium storage, go to the reservation details and select Exchange. Such an exchange doesn’t reset the term of the reserved instance or lead to a new transaction.
Quelle: Azure