Unlock dedicated resources and enterprise features by migrating to Service Bus Premium

Azure Service Bus has been the Messaging as a Service (MaaS) option of choice for our enterprise customers. We’ve seen tremendous growth to our customer base and usage of the existing namespaces, which inspires us to bring more features to the service.

We recently expanded Azure Service Bus to support all Azure regions with Availability Zones to help our customers build more resilient solutions. We also expanded the Azure Service Bus Premium tier to more regions to enable our customers to leverage many enterprise ready features on their Azure Service Bus namespaces while also being closer to their customers.

The Azure Service Bus Premium tier is a relatively newer offering, made generally available in September 2015, that allows our customers to provision dedicated resources for their Azure Service Bus namespaces. This in turn provides reliable throughput and predictable latency, along with production and enterprise ready features at a fixed price per Messaging Unit. This is a major improvement from the Azure Service Bus Standard tier that is a multi-tenant system optimized for lower throughput systems using a pay-as-you-go model.

Our Azure Service Bus Premium tier offering has resonated well with the customers, who have been excited to get onboard to enjoy the value add that it provides. However, until now, we haven’t had a way to upgrade the existing Azure Service Bus Standard namespaces to the Premium tier. That is now about to change.

Today, we’re happy to announce tools, both on the Azure portal and via the Command Line Interface/PowerShell that enables our customers to upgrade their existing Azure Service Bus Standard namespaces to the Premium tier. This tooling will ensure that no configuration changes are required on the sender and receiver applications, while enabling our customers to adopt the best offering for their use case, with minimal downtime.

To know more about this feature and the finer details on what is happening under the hood, please read the documentation.

You can access the portal tool by clicking on the “Migrate to Premium” menu option on the left navigation pane under the Service Bus Standard namespace that you are looking to migrate.
Quelle: Azure

Announcing the Azure Functions Premium plan for enterprise serverless workloads

We are very excited to announce the Azure Functions Premium plan in preview, our newest Functions hosting model! This plan enables a suite of long requested scaling and connectivity options without compromising on event-based scale. With the Premium plan you can use pre-warmed instances to run your app with no delay after being idle, you can run on more powerful instances, and you can connect to VNETs, all while automatically scaling in response to load.

Huge thanks to everyone that participated in our private preview! Symantec Corporation and Volpara Solutions are just a few of the companies that will benefit from the new features of the Premium plan.

See below of a comparison of how the Premium plan improves on our existing dynamically scaling plan, the Consumption Plan.

Advanced scale controls enable customized deployments

Instance size can now be specified with the Premium plan. You can select up to four D-series cores and 14 GB of memory. These instances are substantially more powerful than the A-series instances available to functions using the Consumption plan, allowing you to run much more CPU or memory intensive workloads in individual invocations.

Available Instance sizes

Maximum Instances can now also be specified with the Premium plan. This is one of the most highly requested features and allows you to limit the maximum scale out of your Premium plan. Restricting max scale out can protect downstream resources from being overwhelmed by your functions and allows you to predict your maximum possible bill each month.

Minimum Instances can be specified in the Premium plan to allow you to pre-scale your application ahead of predicted demand. If you suspect an email campaign, sale, or any time gated event will cause your app to scale faster than it can replenish pre-warmed instances. You can increase your minimum instances to pre-load capacity.

We’ve built a sample Durable Function that will move any function between the Consumption and Premium plan with pre-warmed instances on a schedule, allowing you to optimize for the best cost.

Connect Functions to VNET

The Premium plan allows dynamic scaling functions to connect to a VNET and securely access resources in a private network. This feature was previously only available by running Functions in an App Service Plan or App Service Environment, and is now available in a dynamically scaling model by using the Premium plan. Read more about VNET integration.

Pre-warmed Instances let you avoid cold start

With the Functions Premium plan we are offering a solution to the delay when calling a serverless application for the first time: pre-warmed instances. This delay is commonly referred as cold start, and it’s one of the most common problems amongst serverless developers. For more details on what cold start is and why it happens please refer to the blog post, “Understanding serverless cold start.”

In the Premium plan, we offer you the ability to specify a number of pre-warmed instances that are kept warm with your code ready to execute. When your application needs to scale, it first uses a pre-warmed instance with no cold start. Your app immediately pre-warms another instance in the background to replenish the buffer of pre-warmed instances. This model allows you to avoid any delay on the execution for the first request to an idle app, and also at each scaling point.

Today we only allow one pre-warmed instance per site, but we expect to open that up to higher numbers in the following weeks.

Keeping a pool of pre-warmed instances to scale into is one of the core advantages beyond existing workarounds. Today in the Consumption plan many developers work around cold start by implementing a “pinger” to constantly ping their application to keep it warm. While this does work for the first request, apps with pingers will still experience cold start as they scale out, since the new instances pulled to run the application won’t be ready to execute the code immediately. We always keep the number of pre-warmed instances you’ve requested ready as a buffer, so you’ll never see cold-start delays so long as you’re scaling slower than we can warm up instances.

Try it out and learn more!

The Azure Functions Premium plan is available in preview today to try out! Here’s what you can do to learn more about it:

Check out how to get started with the Premium plan.
Learn how to switch functions between Consumption and Premium plans.
Sign up for an Azure free account if you don’t have one yet, and try out the Azure Functions Premium plan.
Troubleshoot with the community and file any issues you run into on our GitHub repo.
Learn more about the Premium plan and other enterprise serverless features in the Mechanics Show below:

Quelle: Azure

Extending Azure Security Center capabilities

This blog post was co-authored by Ron Matchoro, Principal Program Manager, Ronit Reger, Senior Program Manager, Miri Landau, Senior Program Manager, and Devendra Tiwari, Principal PM Manager, Azure Security Center.

As more organizations are delivering innovation faster by moving their businesses to the cloud, increased security is critically important for every industry. Azure has built-in security controls across data, applications, compute, networking, identity, threat protection, and security management so you can customize protection and integrate partner solutions. Microsoft Azure Security Center is the central hub for monitoring and protecting against related incidents within Azure. 

We love making Azure Security Center richer for our customers, and we are excited to share exciting updates this week at Hannover Messe 2019. We are excited to announce that Advanced Threat Protection for Azure Storage, the Regulatory Compliance Dashboard, Dedicated Hardware Security Module Service (HMS) in UK, Canada, and Australia, Azure disk encryption support for Virtual Machine Scale Sets (VMSS), and support for virtual machine sets are now generally available as part of Azure Security Center.

Advanced Threat Protection for Azure Storage is now generally available

Advanced Threat Protection for Azure Storage helps customers detect and respond to potential threats on their storage account as they occur. This layer of protection allows you to protect and address concerns without needing to be an expert in security. Enabling it is quick and simple. Once enabled, security alerts are triggered when suspicious activity occurs and you can view them listed in Azure Security Center. Security alerts provide details of suspicious activity that was detected and recommended actions to take to investigate and mitigate the potential threat.

The benefits of Advanced Threat Protection for Azure Storage includes:

Detection of anomalous access and data exfiltration activities.
Email alerts with actionable investigation and remediation steps.
Centralized views of alerts for the entire Azure tenant using Azure Security Center.
Easy enablement for many storage accounts using the Azure portal, Azure Policy, or Standard Azure APIs.

To learn more, refer to the documentation, “Advanced Threat Protection for Azure Storage,” or the Azure Security Center pricing page.

Regulatory compliance dashboard in Azure Security Center is generally available

We are pleased to announce that the regulatory compliance dashboard in Azure Security Center is now generally available! The dashboard helps Security Center customers streamline their compliance process by providing insight into their compliance posture for a set of supported standards and regulations.

The compliance dashboard surfaces security assessments and recommendations as they align to specific compliance requirements based on continuous assessments of your Azure and hybrid environments. The dashboard also provides actionable information for how to act on recommendations and reduce risk factors in your environment, and thus improve your overall compliance posture.

The information provided by the regulatory compliance dashboard can be very useful for providing evidence to internal and external auditors on your compliance status with the supported standards. To further facilitate this, you can now generate and download a compliance report directly from the compliance dashboard. The report can be generated for a particular supported compliance standard and depicts a high-level summary of your current compliance status with respect to that standard. In addition, you can now automate compliance processes and manage them at scale using programmatic APIs.

To learn more about regulatory compliance in Azure Security Center, visit the documentation, “Tutorial: Improve your regulatory compliance.”

Azure Security Center now supports Virtual Machine Scale Sets

Security Center can now protect your Virtual Machine Scale Sets. You can easily monitor the security posture of your VM Scale Sets with security recommendations to increase overall security, reduce vulnerabilities, and detect threats with Security Center’s advanced threat detection capabilities.

Security Center automatically discovers your VM Scales Sets and recommends that you install the monitoring agent to get better security assessments and enable events-based threat detection.

You can view the security health and recommendations of each VM scale set:

For every VM scale set instance, you can benefit from a list of recommendations such as:

Install the monitoring agent 
Remediate vulnerabilities in security configuration 
Remediate endpoint protection health failures 
Install endpoint protection solution on virtual machine scale sets
Install system updates 
Enable diagnostics logs in Virtual Machine Scale Sets’

Threat detection alerts are also available for VM scale sets instances for any VM protected by Security Center standard tier. To learn more on VM Scale Set support.

Note: Pricing of VM scale sets instances is the same as VM. For detailed information visit our pricing page.

Announcing Azure Dedicated HSM service availability in UK, Canada, and Australia regions

The Azure Dedicated Hardware Security Module (HSM) service provides cryptographic key storage in Azure and meets the most stringent customer security and compliance requirements. This service is the ideal solution for customers requiring FIPS 140-2 Level 3 validated devices and complete, exclusive control of the HSM appliance. The Dedicated HSM service uses SafeNet Luna Network HSM 7 devices from Gemalto. This device offers the highest levels of performance and cryptographic integration options and makes it simple for you to migrate HSM-protected applications to Azure. The Azure Dedicated HSM is leased on a single-tenant basis.

The Azure Dedicated HSM service was originally announced in 8 Azure public regions on November 28, 2018 and we are now pleased to announce that the service is expanded to the UK, Canada, and Australia. With this new announcement, the Dedicated HSM service is now available in 14 regions namely, East US, West US, South Central US, East US 2, Southeast Asia, East Asia, West Europe, North Europe, UK South, UK West, Canada Central, Canada East, Australia East, and Australia Southwest regions. We plan to continue expanding this service to other Azure regions.

To learn about the Dedicated HSM service availability announcement, please refer to blog post, “Announcing Azure Dedicated HSM availability.”
To learn more about the Azure Dedicated HSM service, please refer to the service documentation.
To learn about pricing and suitability of this service for your applications, please contact your Microsoft Account representative.

Announcing Azure Disk Encryption general availability for Virtual Machine Scale Sets

Today, we are excited to announce the general availability of Azure Disk Encryption (ADE) for Virtual Machine Scale Sets (VMSS). With this announcement, Azure disk encryption can be enabled for Windows and Linux Virtual Machine Scale Sets in Azure public regions. This enables customers to help protect and safeguard the Virtual Machine Scale Sets data at rest using industry standard encryption technology.

Azure Disk Encryption is a capability that helps you encrypt your Windows and Linux IaaS Virtual Machine Scale Sets disks. Disk Encryption leverages the industry standard BitLocker feature of Windows and the DM-Crypt feature of Linux to provide volume encryption of disks. The solution is integrated with Azure Key Vault to help you control and manage the disk-encryption keys and secrets. The solution also ensures that all data on the VM disks are encrypted at rest in your Azure Storage.

The solution is deployed in all Azure public regions. Additional details on supported and unsupported scenarios, interfaces, and how you can use the disk encryption technology to encrypt your Virtual Machine Scale Sets and validate your scenarios is documented below.

Supported scenarios

Virtual Machine Scale Sets encryption is supported only for scale sets created with managed disks, and not supported for native (or unmanaged) disk scale sets.
Virtual Machine Scale Sets encryption is supported for OS and Data volumes for Windows Virtual Machine Scale Sets.
Disable encryption is supported for OS and data volumes for Windows Virtual Machine Scale Sets.
Virtual Machine Scale Sets encryption is supported for data volume for Linux Virtual Machine Scale Sets. Disable encryption is supported for data volumes for Linux Virtual Machine Scale Sets.
Virtual Machine Scale Sets reimage and upgrade operations are supported.
The key vault to safeguard the encryption must be provisioned with the right access policies in the same subscription and same region as the Virtual Machine Scale Sets.

Unsupported scenarios

Virtual Machine Scale Sets encryption is not supported for scale sets created with native (or unmanaged) disk.
Virtual Machine Scale Sets encryption is not supported for OS volume for Linux Virtual Machine Scale Sets encryption.

For additional details on Azure Disk Encryption support for Virtual Machine Scale Sets, refer to the below ADE documentation:

Azure Disk encryption pre-requisites
Windows Virtual Machine Scale Sets encryption
Linux Virtual Machine Scale Sets encryption

We continue to invest in Azure Security Center where you can easily get a unified view of security across all your on-premises and cloud workloads, continuously monitor the security of your machines, networks, and Azure services, and use advanced analytics and the Microsoft Intelligent Security Graph to get an edge over evolving cyber-attacks. To try Security Center’s new capabilities, please visit the Azure Security Center homepage. As always, for any feedback or additional information contact our team at SecurityCenter@microsoft.com.

Learn how Microsoft partners are building a sustainable future at Hannover Messe 2019.
Quelle: Azure

Self-service exchange and refund for Azure Reservations

Azure Reservations provide flexibility to help meet your evolving needs. You can exchange a reservation for another reservation of the same type, and you can refund a reservation if you no longer need it.

Exchange an existing reserved instance

You start the exchange in the Azure portal with Azure Reservations.

1. Select the reservations that you want to refund and choose Exchange.

2. Select the SKU you want to purchase and provide quantity. Make sure that the new purchase total is more than the return total. Determine the right size before you purchase.

3. Review and complete the transaction.

For refunding a reservation, go to reservation details and select Refund.

How the return and exchange transactions are processed

First, Microsoft cancels the existing reservation and refunds the pro-rated amount for that reservation. If there is an exchange, the new purchase is processed. Microsoft processes refunds using one of the following methods, depending on your account type and payment method:

Refund processing for enterprise agreement customers

If the original purchase was made using a monetary commitment, then the money is added back to the monetary commitment for both exchange and refunds. Any overage invoices since the original purchase are re-opened and re-rated to make sure that the monetary commitment is used. If the monetary commitment term using the reservation was purchased and is no longer active, then credit will be added to your current enterprise agreement monetary commitment term.

If the original purchase was made as overage, we issue a credit memo.

Refund processing for pay-as-you-go customers with invoice payment method and Cloud solution provider program

The original reservation purchase invoice is cancelled and then a new invoice is created for the refund. For exchange the new invoice has both the refund and the new purchase. The refund amount is adjusted against the purchase. If you only refunded a reservation, then the prorated amount stays with Microsoft and it is adjusted against a future reservation purchase.

Refund processing for pay-as-you-go customers who use credit card payment method

The original invoice is cancelled and a new invoice is created. The money is refunded to the credit card that was used for the original purchase. If you’ve since changed your card, please contact support.

Exchange policies

You can return multiple existing reservations to purchase a new reservation of the same type. You can’t exchange reservations of one type for another. For example, you can’t return a virtual machine (VM) reservation to purchase a SQL reservation.
Only reservation order owners can process an exchange. Learn how to add or change users who can manage a reservation.
An exchange is processed as a refund and repurchased, different transactions are created for the cancellation and the new purchase. The pro-rated reservation amount is refunded for the reservations that you trade-in. You are charged fully for the new purchase. The pro-rated reservation amount is the daily pro-rated residual value of the reservation being returned.
Reservations can be exchanged or refunded even if the enterprise agreement using which the reservation was purchased has expired and has since renewed into a new enterprise agreement.
You can change any reservation property such as size, region, quantity, and term with the exchange.
The new purchase total should equal or be greater than the returned amount.
The new reservation purchased as part of exchange has a new term starting from the time of exchange.
There is no penalty or annual limits for exchanges.

Refund policies

Your total refund is subject to a maximum amount within a 12-month rolling window. To learn more, refer to our refund policies.
Only reservation order owners can process a refund. Learn how to add or change users who can manage a reservation.
Microsoft reserves the right to charge a 12 percent penalty for any returns, although the penalty is not currently charged.

Exchanging a reservation purchased for a VM size that doesn’t support premium storage for VM size that supports premium storage

In order to exchange reservations purchased from VM sizes that don’t support premium storage, to corresponding VM sizes that do support premium storage, go to the reservation details and select Exchange. Such an exchange doesn’t reset the term of the reserved instance or lead to a new transaction.
Quelle: Azure

Microsoft Azure portal April 2019 update

This month’s updates include improvements to IaaS, Azure Data Explorer, Security Center, Recovery Services, Role-Based Access Control, Support, and Intune.

Sign in to the Azure portal now and see for yourself everything that’s new. Download the Azure mobile app to stay connected to your Azure resources anytime, anywhere.

Here’s the list of April updates to the Azure portal:

IaaS

Improved create experience for Managed Disks
Use non-ASCII characters for virtual machine names

Azure Data Explorer

New full-screen Create Cluster experience

Security Center

Public preview: Adaptive network hardening in Azure Security Center
Azure Security Center adaptive application control updates
Support for virtual network peering in Azure Security Center
Azure Security Center: Secure score impact changes

Azure Site Recovery

Replication to managed disks

Role-Based Access Control

New Classic administrators tab

Support

Updated support request experience

Other

Updates to Microsoft Intune

IAAS

Improved create experience for Managed Disks

Managed disks now have the latest UI pattern for creating resources in Azure. This updated flow eliminates horizontal scrolling during the creation workflow and follows the same UI patterns that we use in other popular services like VM, Storage, Cosmos DB and AKS, resulting in easier to learn and better customer experiences.

Use of non-ASCII characters for virtual machine names

We loosened the restrictions on the characters you can use to name a virtual machine in the portal to include non-ASCII characters. Azure virtual machine naming in the portal is constrained by two sets of rules: Azure resource naming rules and guest operating system hostname naming rules, which can be more restrictive. With this release, we allow more Unicode characters in the virtual machine name, which is used as both the Azure resource name and the guest hostname. While the Azure resource name is immutable, you can update the in-guest hostname after the VM is created.

Azure Data Explorer

New full-screen Create Cluster experience

We've changed the way users create clusters. The new experience contains the new UX pattern of "review + create" which appears in several Azure products.

Security Center

Public preview: Adaptive network hardening

Azure Security Center can now learn the network traffic and connectivity patterns of your Azure workload and provide you with network security group (NSG) rule recommendations for your internet-facing virtual machines. This is called adaptive network hardening, and it's now in public preview. It helps you secure connections to and from the public internet (made by workloads running in the public cloud), which are one of the most common attack surfaces.

It can be hard to know which NSG rules should be in place to make sure that Azure workloads are available only to required source ranges. These new recommendations in Security Center help you configure your network access policies and limit your exposure to attacks. Security Center uses machine learning to fully automate this process, including an automated enforcement mechanism. These recommendations also use Microsoft’s extensive threat intelligence reports to make sure that known malicious actors are blocked.

To view these recommendations, in the Security Center portal, select Networking and then Adaptive network hardening.

Adaptive application control updates

In Azure Security Center, adaptive application control in audit mode is now available for Azure Linux VMs. This whitelisting solution is also available for non-Azure Windows and Linux VMs and servers that are connected to Security Center.

In addition, you can now rename groups of virtual machine and server clusters in Security Center. They're still automatically named group1, group2, and so on. But you can then edit them to provide a more meaningful name to your machine cluster groups to help you better represent those application control policy groups. Learn more about automated end-to-end application control in Security Center by visiting our documentation, “Adaptive application controls in Azure Security Center.”

Support for virtual network peering

The network map in Azure Security Center now supports virtual network peering. You can view directly from the network map allowed traffic flows between peered virtual networks and deep dive into the connections and entities.

Secure score impact changes

In Azure Security Center, the number for secure score impact represents how much your overall secure score will improve if you follow recommendations.

Security Center fine tunes the score of the recommendations, continuously adjusting them to make sure they reflect the necessary prioritization. As part of this effort, the secure score has changed for several recommendations. The change might affect your overall secure score. You can learn more about secure score by visiting our documentation, “Improve your secure score in Azure Security Center.”

Azure Site Recovery

Replication to managed disks

Azure Site Recovery (ASR) now supports disaster recovery of VMware virtual machines and physical servers by directly replicating to Managed Disks. All new protections now have this capability available on the Azure portal. In order to enable replication for a machine, you no longer need to create storage accounts. For more details, refer to the announcement blog post, “Simplify disaster recovery with Managed Disks for VMware and physical servers.”

Role-based access control

New Classic administrators tab

If you are still using the classic deployment model, we've consolidated the management of Co-administrators on a new tab named Classic administrators. If you need to add or remove Co-administrators, you can use this new tab. To learn more about this tab, see Azure classic subscription administrators.

To see the new Classic administrators tab:

In the Azure portal, select All services and then Subscriptions.
Select your subscription.
Select Access control (IAM) and then the Classic administrators tab.

Support

Updated support request experience

We have updated the support request creation experience, improving screen real estate usage and creating better interaction patterns.

During support case creation, customers can take advantage of our rich self-help content and diagnostics to troubleshoot their issues and get immediate solutions to their problems. The self-help and troubleshooting steps are available to all customers, including those that have not purchased a technical support plan with Microsoft.

Other

Updates to Microsoft Intune

The Microsoft Intune team has been hard at work on updates as well. You can find the full list of updates to Intune on the “What's new in Microsoft Intune” page, including changes that affect your experience using Intune.

Azure portal “how to” video series

Have you checked out our Azure portal “how to” video series yet? The videos highlight specific aspects of the portal so you can be more efficient and productive while deploying your cloud workloads from the portal. Recent videos include a demonstration of how to create a storage account and upload a blob and how to create an Azure Kubernetes Service cluster in the portal. Keep checking our playlist on YouTube for a new video each week.

Next steps

The Azure portal’s large team of engineers always wants to hear from you, so please keep providing us with your feedback in the comments section below or on Twitter @AzurePortal.

Don’t forget to sign in the Azure portal and download the Azure mobile app today to see everything that’s new. See you next month!
Quelle: Azure

Azure Sphere Retail and Retail Evaluation feeds

Azure Sphere developers might have noticed that we now have two Azure Sphere OS feeds where once there was only one. The Azure Sphere Preview feed that delivered over-the-air OS updates has been replaced by feeds named Retail Azure Sphere OS and Retail Evaluation Azure Sphere OS. What’s the difference and what does it mean for you?

The Retail feed provides a production-ready OS and is intended for broad deployment to end-user installations. The Retail Evaluation feed provides each new OS for 14 days before we release it to the Retail feed. It is intended for backwards compatibility testing.

At the 19.02 release, both feeds delivered the same OS. The 19.03 quality update was released to the Retail Evaluation feed on March 14, 2019 and was promoted to the Retail feed on March 28, 2019. Future releases will similarly be made available on the Retail Evaluation feed for 14 days before they are promoted to the Retail feed.

What’s the value to you?

We’ve designed Azure Sphere for easy updates so that new versions of the OS can be deployed to customer sites without manual intervention. However, we recognize that you want an opportunity to verify your existing applications before your customers receive the new OS. The 14-day evaluation period lets you check that everything works as you expect.

Application binaries that are built only with production APIs from a given OS release will be compatible with all subsequent OS releases. To evaluate the new OS, we recommend that you assign one or more devices to a separate Retail Evaluation device group that is configured to receive the Retail Evaluation feed. Using the devices in this group as “canaries,” you can run your applications and OTA application deployments against the new OS version.

If you encounter problems, please notify us immediately through your Microsoft technical account manager (TAM) so that we can address any issues.

Get started with Azure Sphere

The best way to learn more about the Azure Sphere Retail and Retail Evaluation feeds is by connecting an Azure Sphere devkit or module to the network. If you haven’t already started building with Azure Sphere, you can get started quickly with modules that meet your needs from our ecosystem of Azure Sphere partners. To learn more, view the on-demand Azure Sphere Ecosystem Expansion webinar.
Quelle: Azure

IoT in Action: Enabling cloud transformation across industries

The intelligent cloud and intelligent edge go hand-in-hand, and together they are sparking massive transformation across industries. As computing gets more deeply embedded in the real world, powerful new opportunities arise to transform revenue, productivity, safety, customer experiences, and more. According to a white paper by Keystone Strategy, digital transformation leaders generate 8 percent more per year in operating income than other enterprises.

But what does cloud transformation look like within the context of the Internet of Thing (IoT)?

Below I’ve laid out a typical cloud transformation journey and provided examples of how the cloud is transforming city government, industrial IoT, and oil and gas innovators. For a deep dive on this very topic, I hope you’ll join me and a whole host of cloud and IoT experts, and Microsoft partners and customers at the upcoming IoT in Action event in Houston.

The typical cloud transformation journey

As mentioned, the cloud is a vital piece of IoT. Below I’ve outlined a typical cloud journey.

Embrace an innovation mindset: The first part of the cloud transformation journey—and this applies to digital transformation in general—is building a culture and mindset that is willing to innovate, and welcomes change and the potential it brings. This must start with leadership. If leadership doesn’t set the example of an innovation mindset, it will be difficult to achieve buy-in internally.
Clarify rationale for a cloud move: Typically, these reasons are plentiful such as cost savings, greater availability, and better performance. Understanding rationale from a strategic standpoint and aligning with your overall business goals can help you focus your efforts and find the right cloud fit.
Determine which applications to modernize and migrate: Prioritizing applications and determining which ones need to be migrated is also key. Migration is an opportunity for modernization of the IT ecosystem, which can ultimately save time and money. Making a prioritized plan and budgeting for modernization needs is critical.
Expect cloud usage (and costs) to rise: After the initial migration, cloud consumption typically increases. Due to easy access and relatively low-cost, developers and administrators will consume more resources, developing new applications and solutions.
But then it levels out: As an organization gets a clear understanding around its actual cloud consumption, it will be able to prioritize its workloads, bring some workloads back on premise, and negotiate pricing models. Implementing governance processes will help to control costs and ensure optimal performance.

Below I’ve included a few snapshots that show how the cloud transformation journey is paying off for city government, manufacturers, and the oil and gas industry.

Smart cites and the cloud journey

What do flood detection sensors, firefighting drones, transit wi-fi, and smart water meters have in common? They’re cloud connected.

Houston is on a mission to connect its citizens to the city and the city to its citizens. In the wake of massive Hurricane Harvey destruction, the city is doing more than just rebuilding: it is working to become safer, more resilient, and more connected.

To that end, the City of Houston is working with Microsoft and Microsoft partners to leverage cloud transformation and build repeatable, IoT solutions that span transportation, public safety, disaster recovery and response, connected neighborhoods, smart buildings, and more. A shared vision and strong collaboration from city leaders have been crucial to the success of this massive undertaking.

Learn more about the Microsoft and Houston initiative for details around how Houston is embracing cloud transformation to take care of its citizens.

Industrial IoT and the cloud journey

Industrial organizations are also leveraging digital and cloud transformation. By combining cloud with IoT, manufacturers are able to streamline, increase productivity, and predict issues before they happen. They’re even able to offer new service lines.

Rolls-Royce is a fantastic example of a manufacturer that has embraced cloud transformation to create a valuable service that helps its customers minimize costly delays and maximize fuel efficiency. With more than 13,000 commercial aircraft engines in service worldwide, Rolls Royce uses data from equipment sensors to help airlines predict and plan for maintenance needs and increase fuel economy.

The solution relies on the Microsoft Azure platform and Azure IoT solution accelerators to help filter, synthesize, and analyze massive volumes of data, delivering actionable insights to the right stakeholders at the right time. According to Michael Chester, Product Manager Data Services, Rolls-Royce, “By looking at wider sets of operating data and using machine learning and analytics to spot subtle correlations, we can optimize our models and provide insight that might improve a flight schedule or a maintenance plan and help reduce disruption for our customers.”

Oil and gas IoT and the cloud journey

A shifting competitive landscape, price volatility, technology, and other factors are reshaping the oil and gas industry. Areas of transformation include field empowerment, operations, and industry innovation. Foundational to success is digital transformation.

XTO Energy, a subsidiary of ExxonMobil knows firsthand the importance of digital and cloud transformation. One of the challenges they faced was that the existing infrastructure where they have major holdings didn’t lend itself to collecting data.

Recognizing the need to modernize and use data to drive better decisions, they deployed a series of intelligent cloud and intelligent edge solutions that have helped them keep tabs on well heads. Using the Microsoft Azure platform and Azure IoT technologies, they collect, store, and analyze data, giving XTO Energy new insights into well operations and future drilling possibilities.

According to Brian Khoury, IoT and Data Architecture Supervisor at XTO Energy, “We recognize the need to further digitize and to use data as an asset that drives insights and solves problems that we couldn’t solve when information is confined to physical paper or siloed across departments. Oil and gas tends to be behind in the use of digital tools compared to other industries, so we’re working hard to be more digitally enabled and connected. Embracing the cloud is an important part of that effort because it frees us up from having to manage hardware, storage, servers—all things that aren’t our core business—and we can scale and spin up resources as needed.”

IoT in Action comes to Houston April 16, 2019

The intelligent cloud and intelligent edge present powerful opportunities across industries. Please join us for a one-day IoT in Action event in Houston. This event is a unique opportunity to explore innovative, scalable IoT solutions that enable cloud transformation across industries – from city government to industrial IoT solution providers and oil and gas innovators. It’s also a great way to connect with experts and network with other Microsoft partners and customers to explore opportunities around the intelligent edge and intelligent cloud.
Quelle: Azure

Alerts in Azure are now all the more consistent!

The typical workflow we hear from customers – both ITOps and DevOps teams – is that alerts go to the appropriate team (on-call individual) based on some metadata such as subscription ID, resource groups, and more. The common alert schema makes this workflow more streamlined by providing a clear separation between the essential meta-data that is needed to route the alert, and the additional context that the responsible team (or individual) needs to debug and fix the issue.Azure Monitor alerts provides rich alerting capabilities on a variety of telemetry such as metrics, logs, and activity logs. Over the past year, we have unified the alerting experience by providing a common consumption experience including UX and API for alerts. However, the payload format for alerts remained different which puts the burden of building and maintaining multiple integrations, one for each alert type based on telemetry, on the user. Today, we are releasing a new common alert schema that provides a single extensible format for all alert types.

What’s the common alert schema?

With the common alert schema, all alert payloads generated by Azure Monitor will have a consistent structure. Any alert instance describes the resource that was affected and the cause of the alert, and these are described in the common schema in the following sections:

Essentials: A set of standardized fields which are common across all alert types. It describes what resource the alert is on, along with additional common alert metadata such as severity or description.
Alert context: A set of fields which describe the cause of the alert details that vary based on the alert type. For example, a metric alert would have fields like the metric name and metric value in the alert context, whereas an activity log alert would have information about the event that generated the alert.

How does it help me?

The typical workflow we hear from customers – both ITOps and DevOps teams – is that alerts go to the appropriate team (on-call individual) based on some metadata such as subscription ID, resource groups, and more. The common alert schema makes this workflow more streamlined by providing a clear separation between the essential meta-data that is needed to route the alert, and the additional context that the responsible team (or individual) needs to debug and fix the issue.

Find more information about the exact fields, versioning, and other schema related details.

How is this going to impact me?

If you consume alerts from Azure in any manner whether it be email, webhooks, external tools, or others you might want to continue reading.

Email: A consistent and detailed email template allowing you to not only diagnose issues at a glance, but also jump to the process of working on the incident through deeplinks to the alert details on the portal and the affected resource.
SMS: A consistent SMS template
Webhook, Logic Apps, Azure Functions: A consistent JSON structure, allowing you to easily build integrations across different alert types.

The new schema will also enable a more rich consumption experience across both the Azure portal and the Azure mobile app in the immediate future. You can learn more about the changes coming as part of this feature by visiting our documentation.

Why should I switch over from my existing integrations?

If you already have integrations with the existing schemas, the reason to switch over are many:

Consistent alert structure means that you could potentially have fewer integrations, making the process of managing and maintaining these connectors a much simpler task.
Payload enrichments like rich diagnostic information, ability to customize, and more would surface up only in the new schema.

How do I get this new schema?

To avoid breaking your existing integrations, the common alert schema is something you can opt-in to and opt-out of as well.

To opt-in or out from the Azure portal:

Open any existing or a new action in an action group.
Select Yes for the toggle to enable the common alert schema as shown.

If you wish to opt-in at scale, you can also use the action groups API to automate this process. Learn more about how to write integrations for the common alert schema and the alert context schemas for the different alert types.

As always, we would love to hear your feedback. Please continue to share your thoughts at azurealertsfeedback@microsoft.com
Quelle: Azure