da Agency

Learn how Microsoft datacenter operations prepare for energy issues

The war in Ukraine and the resultant shortage of natural gas has forced the European Union (EU) and European countries to proactively prepare for the possibility of more volatile energy supplies—both this winter and beyond. Microsoft is working with customers, governments, and other stakeholders throughout the region to bring clarity, continuity, and compliance in the face of possible energy-saving strategies at the local and national level. In solidarity with Europe, where even essential services are likely to be asked to find energy savings, we have validated plans and contingencies in place to responsibly reduce energy use in our operations across Europe, and we will do so in a way that minimizes risk to customer workloads running in the Microsoft Cloud.

We want to share some of the contingencies and mitigations that our teams have put in place to responsibly operate our cloud services.

Supporting grid stability by responsibly managing our energy consumption

The power that is consumed by Microsoft from the utilities is primarily used to power our network and servers, cooling systems, and other datacenter operations. We have contingency plans to contribute to energy grid stability, while working to ensure minimal disruption to our customers and their workloads, including:

The scale and distribution of the Microsoft datacenters gives us the ability to reposition non-regional platform as a service (PaaS) services, internal infrastructure, and many of our internal non-customer research and development (R&D) workloads to other nearby regions, while still meeting our data residency and EU Data Boundary commitments.
Actively working with local governments and large organizations to closely monitor and respond to power consumption to ensure grid stability and minimal disruption to our customers’ critical workloads. We are working with local utility providers to ensure our systems are ready for a range of circumstances.
Our datacenter regions are planned and built to withstand grid emergencies. When needed, we quickly transition to backup power sources to reduce impact on the grid without impacting customer workloads.

Resilient infrastructure investment

Microsoft is responsible for providing our customers with a resilient foundation in the Microsoft Cloud—in how it is designed, operated, and monitored to ensure availability. We make considerable investments in the platform itself—physical things like our datacenters, as well as software things like our deployment and maintenance processes.

We strive to provide our cloud-using customers with “five-nines” of service availability, meaning that the datacenter is operational 99.999 percent of the time. However, knowing that service interruptions and failures happen for a myriad of reasons, we build systems designed with failure in mind.

We have Azure Availability Zones (AZs) in every country in which we operate datacenter regions. AZ’s are comprised of a minimum of three zone locations, each with independent power, cooling and networking, allowing customers to spread their infrastructure and applications across discrete and dispersed datacenters for added resiliency and availability.

Battery backup and backup generators are an additional resiliency capability we implement and are utilized during power grid outages and other service interruptions so we can meet service levels and operational reliability. We have contracted access to additional fuel supplies to maintain generator operations, and we also hold critical spares to maintain generator health. We are ready to use backup generators across Europe, when necessary, to keep our services running in case of a serious grid emergency. 

Across our global infrastructure, it’s not unusual for us to work with a heightened operational awareness, due to external factors. For instance, severe winter weather events in Texas in 2021 caused substantial pressure on the Texas energy grid. Microsoft was able to remove its San Antonio datacenter from using grid power. Although Microsoft’s onsite substations were designed with redundancy, we were able to quickly transition to our tertiary redundant systems—generators. These systems kept the datacenters running, with zero impact to our cloud customers, while the utility grid could ensure residential homes stayed warm. During this event, we maintained 100 percent uptime for our customers, while removing our workloads from the grid.

Resiliency recommendations for cloud architectures

This is a challenging time for organizations monitoring the growing energy concerns in Europe. We are providing important infrastructure for the communities where we operate, and our customers are counting on us to provide reliable cloud services to run their critical workloads. We recognize the importance of continuity of service for our customers, including those providing essential services: health care providers, police and emergency responders, financial institutions, manufacturers of critical supplies, grocery stores and health agencies. Organizations wondering what more they can do to improve the reliability of their applications, or wondering how they can reduce their own energy consumption, can consider the following:

Customers who have availed themselves of high availability tools, including geo-redundancy, should be unaffected by impacts to a single datacenter region. For software as a service (SaaS) services like Microsoft 365, Microsoft Dynamics 365, and Microsoft Power Platform, the business continuity and resiliency are managed by Microsoft. For Microsoft Azure, customers should always consider designing their Azure workloads with high availability in mind.

We always encourage customers to have a Business Continuity and Disaster Recovery (BCDR) plan in place as part of the Microsoft Well-Architected Framework, which you can read more about. Customers who want to proactively migrate their Azure resources from one region to another can do so at any time. Find out how.
On-premises customers can reduce their own energy consumption by moving their applications, workloads, and databases to the cloud. The Microsoft Cloud can be up to 93 percent more energy efficient than traditional enterprise datacenters, depending on the specific comparison being made. Discover more here. Start your sustainability journey today.
Energy use in our datacenters is driven by customer use. Customers can play a part in reducing energy consumption by following green software development guidelines, including shutting down unused server instances, and sustainable application design. Further information available here.

We continue to improve the energy efficiency of our datacenters, in our ongoing commitment to make our global infrastructure more sustainable and efficient. As countries and energy providers consider options to reduce their consumption of electricity in the event of an energy capacity shortage, we are working with grid operators on this evolving situation. With the scale, expertise, and partnerships that we operate, we are confident that our risk mitigation activities will offset any potential disruption to our customers running their critical workloads in the cloud.
Quelle: Azure

da Agency

Forrester study finds 228 percent ROI when modernizing applications on Azure PaaS

Using modern apps in the cloud to do more with less

There’s no denying the pivotal role developers play in today’s organizations. Whether you’re a high-tech company, a non-profit organization, or a fast-food restaurant, robust digital and online services are key to your customer success. Take the example of one of our customers, Jotun, a multinational chemical supplier—their customer-facing and sales applications are mission critical to their business. But with a small development team managing global applications on premises, the time and effort they spent on routine management and administration was extensive.

The company decided to embrace application modernization—ending investments in on-premises structures—and migrate their apps to Microsoft Azure with Azure App Service. In addition to eliminating routine maintenance tasks and increasing uptime, the new approach enabled them to scale developer expertise, deliver high application performance from anywhere in the world, and begin the transition to a modern development, security, and operations (DevSecOps) approach—all while lowering costs and accelerating time to market.

Platform-as-a-service (PaaS) represents one of the most cost-effective ways to strategically shift resources to application innovation, rather than spending time managing application infrastructure. Azure PaaS services like Azure App Service, Azure Spring Apps, and Azure Integration Services provide developers and IT professionals with a fully managed application platform for building, deploying, and managing applications of all kinds—from the simplest website to the most complex business solution. Developers focus on innovation, and the cloud platform takes care of everything else. A new, commissioned study conducted by Forrester Consulting on behalf of Microsoft, The Total Economic ImpactTM (TEI) of Azure PaaS, details the significant business impact of this approach.

Through a series of customer interviews, Forrester finds that a composite organization—an anonymized aggregate profile of these customers—using Azure PaaS can realize:

A three year 228 percent return on investment (ROI), with a payback period of 15 months.
A 50 percent increase in the speed of application development.
A 40 percent reduction in app-dev related infrastructure costs.

Speaking with Azure customers, Forrester observed several common factors that drove their organizations’ decision to adopt Azure PaaS for modernizing applications. These include being part of a broader strategic initiative, the potential for cost savings, limitations with existing architectures, wanting to take advantage of cloud capabilities, the tight market for tech talent, and prior experience with Azure.

Simply put, this set of fully managed services offers a powerful tool for enterprises to equip their developers in the rapidly changing application landscape.

Retire legacy infrastructure, reduce server costs, and deliver value faster with Azure

Whether your goal is to modernize applications in the cloud, integrate with modern databases and AI, rapidly build apps with low-code platforms, or future-proof existing applications, Azure helps you to provide your developers with the right tools for the right job.

Let me tell you about several ways Azure's fully managed services can transform your organization’s application development process:*

Tackle application development infrastructure costs

Whether you’re operating in an on-premises or hybrid environment, Azure PaaS supports your migration needs efficiently, enabling you to retire legacy infrastructure after applications are fully migrated.

Forrester estimates total application development-related infrastructure cost savings for the composite organization at USD19.1 million over three years during this process.

Rely on trusted cloud infrastructure and security management

While migrating to virtual machines is sometimes the simplest and fastest path for many organizations, application modernization provides the full benefits of the public cloud. PaaS makes this easier because now companies benefit from the cloud provider managing the underlying infrastructure and software of the platform. The cost savings for the composite organization begin almost immediately, with Forrester research showing estimated savings of USD10.3 million on related administrative costs over three years.

Free developers to focus on innovation

Developers are at their best when they’re given time to focus on innovating and developing new applications. Modernizing with PaaS helps increase productivity using dev/test and staging environments, provides the ability to run on the latest versions of the OS, languages, and framework, and enables the use of modern DevOps practices such as continuous integration and continuous delivery. The potential for savings for the composite organization is up to USD7.2 million over three years.

Prioritize application uptime

Offloading management of infrastructure not only reduces the immediate spending, but also ensures that the service provider is responsible for maintaining a 99.95 percent SLA uptime. The resiliency inherent in the fully managed service approach provides peace of mind to the developers in the composite organization and an estimated USD3.8 million in avoided revenue losses over three years.

Reap immediate benefits for your business

With an efficient and reliable platform that works out of the box, developers increase the speed of application development by up to 50 percent. The improved time to market saves the composite organization USD2.8 million over three years and enhances the organization’s ability to serve customer needs better.

Excited? Learn more about how to modernize your enterprise applications today

Azure PaaS helps organizations confidently take the next step to modernizing applications—paving the way for maximizing IT budget and resources, aligning stakeholder priorities, supplementing cloud skillsets, and even unifying the security approach. The methodical analysis of business value in the Forrester TEI study reinforces that this has both tangible economic impact as well as unquantified benefits to help you become a digital leader.

At the recent Microsoft Ignite 2022 conference, we shared our unique approach to helping organizations modernize their .NET, Java, and other workloads. Learn more about Azure App Modernization and get started with free Azure credits.

If you are ready to begin, check out our partner portal, where you can learn about Microsoft partners who have specialized services for your application requirements.

Join us for this free webinar to learn more about the Forrester Total Economic Impact of Microsoft Azure PaaS study.

Bookmark the Apps on Azure blog to keep up with our expert coverage and product announcements.

Follow Microsoft Azure on Twitter for the latest news and updates.

*Disclaimer: In this study, Forrester provides the detailed assumptions and methodology used to arrive at these estimates. We encourage readers to use their own estimates within the framework provided in the study to determine the appropriateness of an investment in Azure PaaS.
Quelle: Azure

da Agency

Microsoft Azure CLX: A personalized program to learn Azure

The rise of cloud computing has created demand for proven cloud experts. That’s why we’ve launched the Microsoft Azure Connected Learning Experience (CLX) program, designed to help aspiring learners and IT professionals become Microsoft Azure cloud pros. CLX is a personalized and self-paced journey that culminates in a certificate of completion—allowing you to maximize learning while minimizing time invested.

What is the CLX program?

The CLX program is a four-step program that prepares you for the Microsoft Azure certification exams while optimizing your learning experience and minimizing time invested. The program, which is curated to meet every learner’s unique needs, consists of four steps:

A knowledge assessment
A Microsoft Learn study materials review
A practice test
A cram session

At the start of the program, you’ll take a knowledge assessment to test your skills and create a personalized learning path. You’ll then take only the Microsoft Learn courses that are useful to you—saving you time and ensuring that you learn the skills you need to accelerate your career.

What courses will I take?

The courses you take are up to you. The self-paced program is catered to your skillset, and you can embark on six tracks: Microsoft Azure Fundamentals, Microsoft Azure AI Fundamentals, Microsoft Azure Data Fundamentals, Microsoft Azure Administrator, Administering Windows Server Hybrid Core Infrastructure, and Windows Server Hybrid Advanced Series—with more on the way. Learn more about these tracks below.

Course
Learner Personas
Course Content

Microsoft Azure Fundamentals
Administrators, Business Users, Developers, Students, Technology Managers

This course strengthens your knowledge of cloud concepts and Azure services, workloads, security, privacy, pricing, and support. It’s designed for learners with an understanding of general technology concepts, such as networking, computing, and storage.

Microsoft Azure AI Fundamentals
AI Engineers, Developers, Data Scientists

This course, designed for both technical and non-technical professionals, bolsters your understanding of typical machine learning and artificial intelligence workloads and how to implement them for Azure.

Microsoft Azure Data Fundamentals
Database Administrators, Data Analysts, Data Engineers, Developers

The Data Fundamentals course instructs you on Azure core data concepts, Azure SQL, Azure Cosmos DB, and modern data warehouse analytics. It’s designed for learners with a basic knowledge of core data concepts and how they’re implemented in Azure.

Microsoft Azure Administrator
Azure Cloud Administrators, VDI Administrators, IT Operations Analysts

In Azure Administrator, you’ll learn to implement cloud infrastructure, develop applications, and perform networking, security, and database tasks. It’s designed for learners with a robust understanding of operating systems, networking, servers, and virtualization.

Administering Windows Server Hybrid Core Infrastructure
Systems Administrators, Infrastructure Deployment Engineers, Senior System Administrators, Senior Site Reliability Engineers

In this course, you’ll learn to configure on-premises Windows Servers, hybrid, and Infrastructure as a Service (IaaS) platform workloads. It’s geared toward those with the knowledge to configure, maintain, and deploy on-premises Windows Servers, hybrid, and IaaS platform workloads.

Windows Server Hybrid Advanced Series
System Administrators, Infrastructure Deployment Engineers, Associate Database Administrators

This advanced series, which is designed for those with deep administration and deployment knowledge, strengthens your ability to configure and manage Windows Server on-premises, hybrid, and IaaS platform workloads.

How do I get certified?

After you finish your personalized curriculum, you’ll complete a two-hour practice test that mimics the final certification exam. Next, you’ll attend a virtual, instructor-led cram session that dives deeply into the Microsoft Azure Certification Exam content. The four-hour session covers the entire course syllabus to ensure you’re well-prepared to pass with ease.

Once you’ve sharpened your understanding of the Azure platform and its solutions, you’ll receive your certificate of completion. You’ll also walk away with the skills to confidently pass the Microsoft Azure Certification Exams—and the proven expertise to advance your career and exceed your cloud computing goals today and in the future.

To learn more and register, visit the Microsoft Cloud Events Portal or check out our Microsoft Azure CLX introductory video.
Quelle: Azure

da Agency

Start learning Azure today with new role-based skill guides

It’s crucial to keep learning the latest cloud technology skills if you want to stay competitive in your field. Whether it’s a network at risk from an outside threat, data being improperly backed up, or a problem debugging an app, you’re on the front line of maintaining your company’s bottom line. Our series of role-based Azure Skills Navigator guides are designed to help you explore and develop these abilities, and we’re thrilled to announce the release of new guides for Network Engineers, Backup and Disaster Recovery (BDR), and Java.

Network Engineers
Train yourself to recommend, plan, and implement Azure networking solutions, including hybrid networking, connectivity, routing, security, and private access to Azure services. Start your networking journey in the cloud by understanding the basic tenets of Azure networking, how to configure hybrid connections, and manage the solutions for performance, resiliency, scale, and security.

Backup and Disaster Recovery
Explore why centrally managed backup for on-premises and cloud data is best for reducing the management burden and costs of a BDR infrastructure while also optimizing the speed and reliability of backup and data-recovery operations. Next, dive into the Azure backup architecture and learn how to design your backup and recovery solution and then configure, deploy, and troubleshoot your BDR solution.

Java
Discover the host of reasons why developers prefer building Java applications in Azure, from the ability to build, debug, and deploy Java applications using their favorite development environments, to quickly adding services and capabilities and integrating them with other apps and services in the Microsoft partner ecosystem. And not least of all, the productivity bonus of not having to manage infrastructure during development.

Additional curated guides to strengthen your Azure expertise

Each guide is carefully curated with downloadable digital training, videos, certifications, and more, and is streamlined so you get the maximum result in the minimum amount of time. You can learn at your own pace, and once you’ve conquered the foundations, you can continue with advanced-level content to further strengthen your Azure expertise. No matter your current proficiency, you’ll find something new and exciting to learn.

Don’t forget about our original line-up of Azure Skills Navigator Guides:

System Administrators
Deepen your knowledge of Azure fundamental concepts of cloud computing and core infrastructure services, management, monitoring, security, and compliance with this beginner’s guide.

Solution Architects
Explore core solutions then move on to solution design principles, including security and compliance, and discover deployment tools and methods to help bring your solution architectures to life.

Developers
Enjoy an overview of key concepts crucial to establishing a strong Azure foundation, including Java, .NET, Node.js, and Python, and in order to build apps with low-code techniques to simplify, automate, and transform business tasks and processes.

AI Developers
Use this learning path to grow your cloud AI skills with videos, tutorials, and training modules, and prepare for the Azure AI Fundamentals Certification to leverage AI to create innovative apps. This course is part of our Zero to Hero journey, a 30-day skilling path designed to help developers and engineers get started on Azure.

Data Engineers
Bring together data integration, enterprise data warehousing, and big data analytics at cloud scale in this Zero to Hero course that instructs you in Azure Synapse—a unified experience enabling you to leverage data to unlock powerful insights.

Data Scientists
Create innovation solutions for complex problems in the cloud, which is increasingly the destination for machine learning projects—a place for easy, cost-effective experiments and scale at any level of expertise or demand. This course is part of our Zero to Hero journey.

Learn more

Don’t see your field represented? We’re developing new guides all the time, so stay tuned for updates. In the meantime, check out all the knowledge sharing Microsoft has to offer by visiting the Azure training and certifications homepage and visit the Azure Skills Navigator guides to explore the new role-based guides.
Quelle: Azure

da Agency

Microsoft sponsors OWASP ModSecurity CRS to improve application security

This post was co-authored by Henry Yan, Product Marketing Manager.

Increased cloud adoption and the shift to hybrid work has resulted in increased usage of digital assets. While moving web applications and APIs to the cloud provides many advantages for organizations, including transforming business models and enhancing the customer experience, it also presents new security challenges. We have seen that attackers come up with new sophisticated attack patterns and we see new vulnerabilities (for example, Log4J, SpringShell, and Text4Shell) emerging constantly. Vulnerabilities in these applications could lead to breaches and allow cybercriminals to gain access to valuable and sensitive data.

At Microsoft, we are committed to making Microsoft Azure the most secure and trusted cloud for all workloads. We are continuously innovating and seeking ways to enhance our products to help our customers protect against evolving threats. This includes supporting organizations and communities that share a common commitment as ours. We are pleased to announce the sponsorship for the Open Web Application Security Project (OWASP) ModSecurity Core Rule Set (CRS) project. We value the contributions of the CRS community and are looking forward to contributing to the success of the community and OWASP ModSecurity CRS open source project.

Intelligent protection from edge to cloud

Azure Web Application Firewall (Azure WAF) is our cloud-native service for protecting your applications and APIs in Azure or anywhere else from web attacks and vulnerabilities. Azure WAF provides built-in managed rules, based off the OWASP ModSecurity CRS, that offer application protection from a wide range of attacks, including the OWASP Top Ten, with minimum false positives. These managed rules provide protection against many common attack categories, including SQL injection, cross site scripting, local file inclusion, and much more.

Azure WAF offers Microsoft Managed Rule Sets, proprietary rulesets, which extends the protection of OWASP ModSecurity CRS 3.x, and includes additional proprietary rules and updated signatures developed by the Microsoft Threat Intelligence Center to provide increased security coverage, patches for specific vulnerabilities, and reduced false positive. Azure WAF includes richer set of features including IP reputation, bot protection, rate limiting, IP restriction, and geo-filtering that further strengthens the security posture for your web application and APIs. Native integration with Azure Monitor, Microsoft Sentinel, and Azure Firewall Manager provides ease of management and advanced analytics capabilities to detect and respond to security threats timely.

Better together

Microsoft has invested heavily in building security-focused products and ensuring security is built into our core technologies. As a gold sponsor for the OWASP ModSecurity CRS project, we are furthering our commitment in contributing to a strong and vibrant security community. We are excited to join efforts to help advance the CRS open source project that serves as a first line of defense for many applications. The collaboration between Microsoft and OWASP CRS teams will help improve signature patterns, reduce false positives, and address critical zero-day vulnerabilities quickly. This is an important step in ensuring we provide the best security possible for all.

Read more about this announcement from OWASP ModSecurity CRS project.
Quelle: Azure

da Agency

Azure Storage Mover–A managed migration service for Azure Storage

File storage is a critical part of any organization’s on-premises IT infrastructure. As organizations migrate more of their applications and user shares to the cloud, they often face challenges in migrating the associated file data. Having the right tools and services is essential to successful migrations.

Across workloads, there can be a wide range of file sizes, counts, types, and access patterns. In addition to supporting a variety of file data, migration services must minimize downtime, especially on mission-critical file shares.

In February of 2022, we launched the Azure file migration program that provides no-cost migration to our customers, via a choice of storage migration partners.

Today, we are adding another choice for file migration with the preview launch of Azure Storage Mover, which is a fully managed, hybrid migration service that makes migrating files and folders into Azure a breeze.

The key capabilities of the Azure Storage Mover preview are:

NFS share to Azure blob container

With this preview release, we focus on the migration of an on-premises network file system (NFS) share to an Azure blob container. Storage Mover will support many additional source and target combinations over the coming months.

Cloud-driven migrations

Managing copy jobs at scale without a coordinating service can be time consuming and error-prone. Individual jobs have to be monitored and any errors resolved. It’s hard to maintain comprehensive oversight to ensure a complete and successful migration of your data.

With Azure Storage Mover you can express your migration plan in Azure and when you are ready, conveniently start and track migrations right from the Azure portal, PowerShell, or CLI. This allows you to utilize Azure Storage Mover for a one-time migration project or for any repeated data movement needs.

Azure Storage Mover is a hybrid service with migration agents that you’ll deploy close to your source storage. All agents can be managed from the same place in Azure, even if they are deployed across the globe.

Scale and performance

Many aspects contribute to a high-performance migration service. Fast data movement through the Azure Storage REST protocol and a clear separation of the management path from the data path are among the most important. Each agent will send your files and folders directly to the target storage in Azure.

Directly sending the data to the target optimizes the performance of your migration because the data doesn’t need to be processed through a cloud service or through a different Azure region from where the target storage is deployed in. For example, this optimization is key for migrations that happen across geographically diverse branch offices that will likely target Azure Storage in their region.

What’s next for Storage Mover?

There are many steps in a cloud migration that need to happen before the first byte can be copied. A deep understanding of your data estate is essential to a balanced cloud solution design for your workloads.

When we combine that with a strategy to minimize downtime, and manage and monitor migration jobs at scale, then we’ve arrived at our vision for the Storage Mover service. This roadmap for this vision includes:

Support for more sources and Azure Storage targets.
More options to tailor a migration to your needs.
Automatically loading possible sources into the service. That’s more than just convenience; it enables large-scale migrations and reduces mistakes from manual input.
Deep insights about selected sources for a sound cloud solution design.
Provisioning target storage automatically based on your migration plan.
Running post-migration tasks such as data validation, enabling data protection, and completing migration of the rest of the workload, etc.

Learn more

Find out more with our service overview.
Learn how to deploy Azure Storage Mover.
Explore Storage Mover in the Azure portal.
Learn about Storage Mover PowerShell.

Quelle: Azure

da Agency

3 key cloud adoption trends in migrating and modernizing workloads

In the past few years, organizations have weathered unprecedented change as they have had to adapt to macro-economic, political, and societal challenges. These challenges are not going away—the business outlook remains uncertain with ongoing concerns, including inflation, supply chain disruptions, and rising energy prices.

Microsoft believes the best way to prepare for this uncertainty is for organizations to do more with less—less complexity and cost, with more agility, resilience, and innovation. This means applying digital capabilities to extend what organizations can achieve amidst today’s constraints.

Moving workloads to the cloud provides more flexibility for organizations to align their IT investments with business needs while benefiting from cloud economies of scale. Modern infrastructure and cloud capabilities can also free up an organization’s IT workforce to focus on workloads and applications that are most meaningful to their customers.

To get a deeper understanding of the challenges faced by our customers and their plans around cloud adoption, Microsoft commissioned a global survey with more than 1200 IT decision makers.

The study revealed three key cloud adoption trends:

1. Cloud adoption plans remain integral to strategies in uncertain business climates

The survey found 62 percent of organizations have a migration and modernization strategy in place, showing the increasing importance of cloud adoption in IT transformation. Their top motivators are reducing total business costs, future proofing business strategy, and driving revenue growth. The survey also showed security, business continuity (BC), disaster recovery (DR), and scalability as top benefits desired from cloud migrations. That said, we expect that returns on investment (ROI) considerations will remain top of mind in the near term as customers prioritize cloud initiatives for implementation—be it optimizing their existing cloud workloads or moving additional workloads. This increased attention on cost optimization and the rise of financial operations teams (FinOps) is also echoed in the Flexera state of the cloud 2022 report, where for the sixth year in a row, optimizing the existing use of cloud (cost savings) was the top initiative, followed by migrating more workloads to the cloud.

Organizations are considering cloud adoption plans holistically across their entire IT infrastructure to better prepare for what’s next. Of the organizations we surveyed, the number who have more than half of their workloads in the cloud will grow from 27 percent to 47 percent over the next 18 months with investments spanning both business-critical and non-business critical workloads. Furthermore, the survey found organizations with a cloud migration and modernization strategy are 58 percent more likely to be ‘cloud-only’ (all or almost all applications and workloads running in the cloud) three years from now.

2. Modernization is a key focus for digital transformation

82 percent of surveyed organizations said migrating to the cloud is a steppingstone towards digital transformation. Migration is about getting workloads to the cloud—and modernization is about refactoring existing applications and workloads to take full advantage of cloud-native technologies like Platform-as-a-Service (PaaS) or containers. Those surveyed told us 74 percent of workloads that have already migrated are candidates for modernization—modernizing workloads helps opens the door to digital transformation whether it’s speeding up product innovation cycles or personalized end-user experiences.

3. Hybrid and multicloud interoperability and integration are expected

Organizations continue to embrace multicloud and are looking for cross-cloud management and interoperability from their cloud providers. Underscoring our recent research on hybrid and multicloud earlier this year, customers surveyed want to retain investment flexibility along with best-of-breed cloud capabilities with 71 percent to continue implementing a hybrid or multi-cloud strategy.

Complexities of cloud-to-cloud integration, refactoring existing applications, and integration with legacy backends are a few of the barriers that can slow down cloud adoption. So, it’s no surprise that support from a dedicated migration and modernization team was ranked highest in surveyed customers’ wish list from cloud vendors. Post migration support, access to engineering resources, and help with technical skilling were other key areas that emerged from the survey.  These findings present significant implications for cloud providers as they define programs and investments to assist customers during uncertain times.

How Microsoft Azure can help customers with cloud migration and modernization efficiently

We have been on our own digital transformation journey since Microsoft began migrating on-premises workloads to the cloud in 2014. We have been transforming our IT footprint using built-in tools and data insights that Azure provides to optimize costs (such as Azure Advisor, Azure Cost Management and Billing, and Azure Monitor) and reinvesting in modernization for business growth. Today more than 95 percent of our workloads run on the cloud, and while our yearly budget for Azure has remained constant since 2014, Microsoft has grown by more than 20 percent. Our own journey and learnings inform how we can empower customers to best meet their current and future technology needs.

Our customers choose Azure as their platform of choice to meet their goals today and to build for the future tomorrow.

Fiserv, a global fintech and payment company, improved their payment processing infrastructure to simplify operations bringing benefits such as risk reduction and cost savings. Perrigo, a worldwide producer and supplier of consumer self-care products for businesses, unlocked agility and flexibility through streamlined finance workloads to build a single source of truth for finance. The Bank of Angola became the first bank in Angola to embrace digitization by moving to the cloud to innovate and improve processes and infrastructure. O2 Czech Republic, the leading telecommunications company in the Czech Republic, saw a 30 percent total cost of ownership (TCO) savings for every workload they moved while enhancing security and scaling their entertainment business.

We continue to invest deeply in helping our customers do more with less and get the most out of their Azure investments with our solutions.

Today we’re announcing a new total cost of ownership (TCO) or business case capability to help customers estimate how much they can save by migrating their Windows Server and SQL Server estate to Azure. This will be available within Azure Migrate, our free self-service migration tool that allows organizations to plan and execute their move to Azure. Try out this new capability and share your feedback.
Customers can optimize their cloud investments with our unique offers and pricing benefits. With unique offers like the Azure Hybrid Benefit (save costs by reusing software assurance enabled Windows, Server SQL Server, Red Hat Enterprise Linux, and SUSE Linux licenses on Azure) and Extended Security Updates (free only on Azure), it’s up to 80 percent less expensive to run Windows Server and SQL Server VMs on Azure than it is with our main competitor. With Azure savings plan for compute, customers can significantly reduce resource costs by up to 65 percent compared to pay-as-you-go prices.
The Azure Migration and Modernization Program (AMMP) offers customers the right mix of expert help to reduce migration costs and accelerate their move—including technical skilling, engineering resources, specialized partners, and cost-effective incentives so customers are holistically set up for success.

At Microsoft, we are committed to helping our customers be successful, drive strong business outcomes and get the most out of their cloud investments, especially in challenging environments like today’s.

Learn more about some of our updates and other key cloud trends in my fireside chat with Dave McCarthy, Research Vice President, Cloud and Edge Infrastructure Services at IDC, where we discussed industry trends around cloud adoption, and the whitepaper on “The Business value of Migrating and Modernizing with Microsoft Azure."

Dive deeper into our global survey findings and methodology by downloading the full report here.

Sources: Flexera 2022 State of the Cloud Report: Cloud Migration Stats—2022 Flexera State of the Cloud Report IDC.

The Business Value of Migrating and Modernizing with Azure, sponsored by Microsoft Azure, #US49665122 Published: 9/24/2022.
Quelle: Azure

da Agency

Microsoft Azure's defense in depth approach to cloud vulnerabilities

Our digital world is changing, with more persistent, sophisticated, and driven cybercriminals. As risks increase and threats compound, trust is more important than ever. Customers need to be able to trust in the technology platforms they invest in to build and run their organizations. As one of the largest cloud service providers, we build trust by helping our customers be secure from the start and do more with the security of our cloud platforms that’s built in, embedded, and out of the box.

Our security approach focuses on defense in depth, with layers of protection built throughout all phases of design, development, and deployment of our platforms and technologies. We also focus on transparency, making sure customers are aware of how we’re constantly working to learn and improve our offerings to help mitigate the cyberthreats of today and prepare for the cyberthreats of tomorrow.

In this blog, we highlight the extensive security commitments from our past, present, and into the future, as well as where we see opportunities for continued learning and growth. This piece kicks off a 4-part Azure Built-In Security series intended to share lessons we’ve learned from recent cloud vulnerabilities and how we're applying these learnings to ensure our technologies and processes are secure for customers. Transparently sharing our learnings and changes is part of our commitment to building trust with our customers, and we hope it encourages other cloud providers to do the same.

Past, present, and future of our security commitments 

For decades Microsoft has been, and continues to be, deeply focused on customer security and improving the security of our platforms. This commitment is evident in our long history of leading security best practices from our on-premises and software days to today’s cloud-first environments. A shining example of this is when in 2004, we pioneered the Security Development Lifecycle (SDL), a framework for how to build security into applications and services from the ground up whose influence has been far reaching. SDL is currently used as the basis for built-in security in key initiatives including international application security standrards (ISO/IEC 27034-1) and the White House’s Executive Order on Cyber Security.

As security leaders and practitioners know though, security’s job is never done. Constant vigilance is vital. This is why Microsoft currently invests heavily in internal security research as well as a comprehensive bug bounty program. Internally, Microsoft boasts more than 8,500 security experts constantly focused on vulnerability discovery, understanding attack trends and addressing patterns of security issues. Our world-class security research and threat intelligence helps protect customers, Microsoft, open-source software, and our industry partners alike.

We also invest in one of the industry’s most proactive Bug Bounty Programs. In 2021 alone, Microsoft awarded $13.7 million in bug bounties across a broad range of technologies. An emerging trend over the last year has been an uptick in externally reported vulnerabilities impacting several cloud providers, including Azure. While vulnerabilities are not uncommon across the industry, as a leading cloud provider and the number one security vendor, Microsoft is of greater interest to researchers and security competitors alike. This is why our public bounty program was the first to include cloud services, beginning in 2014, and in 2021 we further expanded the program to include higher rewards for cross-tenant bug reports. As anticipated, this clearly drew even more external security researcher interest in Azure, culminating in multiple cross-tenant bug bounties being awarded. Regardless of the reasons, these findings helped further secure specific Azure services and our customers.

Finally, we firmly believe that security is a team sport, and our focus on collaboration is evidenced in our contributions to the security ecosystem, such as our involvement in the NIST Secure Software Development Framework (SSDF), and improving the security posture of Open Source Software (OSS) through our $5 million investment in the OpenSSF Alpha-Omega project.

Our commitment to security is unwavering, as seen in our decades-long leadership of SDL to present day vulnerability discovery, bug bounty programs, collaboration contributions, and continues well into the future with our commitment of investing more than $20 billion over five years in cybersecurity. While building-in security from the start is not new at Microsoft, we understand the security landscape is continually changing and evolving, and with it so should our learnings.

Our latest learnings and improvements for a more secure cloud

At Microsoft, a core part of our culture is a growth mindset. Findings from internal and external security researchers are critical to our ability to further secure all our platforms and products. For each report of a vulnerability in Azure, we perform in-depth root cause analysis and post-incident reviews whether discovered internally or externally. These reviews help us reflect and apply lessons learned, at all levels of the organization, and are paramount to ensuring that we constantly evolve and build in security at Microsoft.

Based on the insights we’ve gained from recent Azure vulnerability reports, we are improving in three key dimensions. These developments enhance our response process, extend our internal security research, and continually improve how we secure multitenant services.

1. Integrated response

Several lessons from the past year focused our attention in areas we recognize the need to improve, such as accelerating response timelines. We are addressing this throughout our Integrated Response processes and unifying internal and external response mechanisms. We started by increasing both the frequency and scope of our Security LiveSite Reviews at the executive level and below. We are also improving the integration of our external security case management and our internal incident communication and management systems. These changes reduce mean time to engagement and remediation of reported vulnerabilities, further refining our rapid response. 

2. Cloud Variant Hunting

In response to cloud security trends, we have expanded our variant hunting program to include a global and dedicated Cloud Variant Hunting function. Variant hunting identifies additional and similar vulnerabilities in the impacted service, as well as identify similar vulnerabilities across other services, to ensure discovery and remediation is more thorough. This also leads to a deeper understanding of vulnerability patterns and subsequently drives holistic mitigations and fixes. Below are a few highlights from our Cloud Variant Hunting efforts:

In Azure Automation we identified variants and fixed more than two dozen unique issues.
In Azure Data Factory/Synapse we identified significant design improvements that further harden the service and address variants. We also worked with our supplier, and other cloud providers, to ensure that risks were addressed more broadly.
In Azure Open Management Infrastructure we identified multiple variants, our researchers published CVE-2022-29149, and we drove the creation of Automatic Extension Upgrade capabilities to reduce time to remediate for customers. Our Automatic Extension Upgrade feature is already benefiting Azure Log Analytics, Azure Diagnostics, and Azure Desired State Configuration customers.

Additionally, Cloud Variant Hunting proactively identifies and fixes potential issues across all our services. This includes many known as well as novel classes of vulnerabilities, and in the coming months we will share more details of our research to benefit our customers and the community at large

3. Secure multitenancy

Based on learnings from all our security intelligence sources, we continue to evolve our Secure Multitenancy requirements as well as the automation we use at Microsoft to provide early detection and remediation of potential security risk. As we analyzed Azure and other cloud security cases over the last couple of years, both our internal and external security researchers have found unique ways to break through some isolation barriers. Microsoft invests heavily in proactive security measures to prevent this, so these new findings helped determine the most common causes and ensure we were committed to addressing them within Azure through a small number of highly leveraged changes.

We are also doubling down on our defense in depth approach by requiring and applying even more stringent standards for Compute, Network, and Credential isolation across all Azure services, especially when consuming third-party or OSS components. We are continuing to collaborate with the OSS community, such as PostgreSQL, as well as other cloud providers, on features which are highly desirable in multitenant cloud environments. 

This work has already resulted in dozens of distinct findings and fixes with the majority (86 percent) attributed to our specific improvements in Compute, Network, or Credential isolation. Among our automation improvements, we are extending internal Dynamic Application Security Tests (DAST) to include more checks for validating Compute and Network isolation as well as adding net new runtime Credential isolation check capabilities. In parallel, our security experts continue to scrutinize our cloud services, validate they meet our standards, and innovate new automated controls for the benefit of our customers and Microsoft.

From the cloud security’s shared responsibility model, we recommend our customers use the Microsoft cloud security benchmark to improve their cloud security posture. We are developing a set of new recommendations focusing on multi-tenancy security best practices and will publish that in our next release.

In short, while Microsoft has a long and continued commitment to security, we are continually growing and evolving our learnings as the security landscape also evolves and shifts. In this spirit of constant learning, Microsoft is addressing recent Azure cloud security issues by enhancing secure multitenancy standards, expanding our cloud variant hunting capacity, and developing integrated response mechanisms. Our enhancements, and the scale of our security efforts, further demonstrate our leadership and decades-long commitment to continual improvement of our security programs and raising the bar for security industry-wide. We continue to be committed to integrating security into every phase of design, development, and operations so that our customers, and the world, can build on our cloud with confidence.

Learn more

Follow the Microsoft Security Response Center blog for our latest security research findings.
Learn more about how Microsoft Azure can help strengthen your security posture.
To learn more about our responses to cloud security updates, read our blogs: the Anatomy of a Cloud-Service Security Update and Anatomy of a Security Update.

Quelle: Azure

da Agency

Microsoft and Isovalent partner to bring next generation eBPF dataplane for cloud-native applications in Azure

This post was co-authored by Narayan Annamalai, Partner PM Manager, Microsoft Azure.

As cloud-native applications are experiencing astronomical growth, customers are constantly demanding to scale their Kubernetes and containerized deployments with rich feature sets for network security and observability and without degrading their network performance. With the above in mind, we are excited about this partnership to enhance our platform to bring the power of eBPF natively in Microsoft Azure that will efficiently meet networking capabilities like container network security, cluster service routing, and network observability at a large scale while maintaining mission-critical uptime and reliability.

Microsoft and Isovalent bring new features with eBPF to Azure Kubernetes Services

Microsoft announces the strategic partnership with Isovalent to bring Cilium's eBPF-powered networking data plane and enhanced features for Kubernetes and cloud-native infrastructure.

Azure Kubernetes Services (AKS) will now be deployed with Cilium open-source data plane and natively integrated with Azure Container Networking Interface (CNI).

Microsoft and Isovalent will enable Isovalent Cilium Enterprise as a Kubernetes container App offering onto Azure Container Marketplace. This will provide a one-click deployment solution to Azure Kubernetes clusters with Isovalent Cilium Enterprise advanced features.

Azure CNI powered by Cilium

Recently, Microsoft announced the preview of Azure CNI powered by Cilium for Azure Kubernetes Services.

Cilium’s expertise in eBPF-enriched features like efficient load-balancing, extensive network security features, and rich monitoring along with industry-leading robust and scalable Azure CNI IP Address Management (IPAM), VNET and Overlay mode, will give the most performant and best-in-class container networking platform for our AKS customers.

As a native offering, customers will find it significantly easier to leverage Cilium open-source features directly on AKS Cluster creations as opposed to multi-step configuration via bring your own CNI (BYOCNI) or custom configurations.

Microsoft will handle first-line support and collaborate with Isovalent on specific support issues to their deep knowledge of the technology. We are thrilled to be expanding our relationship with Isovalent and continuing our collaboration with the Cilium open-source community. Together, we have built an ideal platform for current benefits and future innovations.

Isovalent Cilium Enterprise in Azure Container Marketplace

Microsoft and Isovalent are actively collaborating to bring the Isovalent Cilium Enterprise offering onto Azure Kubernetes Services via Azure Container Marketplace.

With this tight integration, customers who also want advanced Isovalent Cilium Enterprise capabilities, will be offered one-click deployment and upgrade for Cilium Enterprise features to a new or existing AKS cluster with a much simpler and more reliable experience. Cilium Enterprise will be built with native integration with Azure networking platform to offer advanced features and capabilities with best-in-class performance and scale. Microsoft and Isovalent will also collaborate to include joint testing, compatibility, and versioning checks, along with seamline support to ensure Cilium Enterprise runs best on Azure.

Customers will also get a unified billing experience, auto-upgrades of Enterprise version updates, usage, and all the other key features offered by the Azure Marketplace platform. This will eliminate a lot of management overhead, which otherwise customers would have to manage manually.

The preview for this new offering will be available early next year.

Learn more

Find out more about this strategic partnership from Thomas Graf, Co-founder, and CTO of Isovalent.

Request early access

By submitting, you (1) agree to share your information with Microsoft and Isovalent, (2) agree to Microsoft and Isovalent's privacy policy, and (3) agree to receive occasional emails about our products and services. You may unsubscribe from these communications at any time.
Quelle: Azure

da Agency

Improve speech-to-text accuracy with Azure Custom Speech

With Microsoft Azure Cognitive Services for Speech, customers can build voice-enabled apps confidently and quickly in more than 140 languages. We make it easy for customers to transcribe speech to text (STT) with high accuracy, produce natural-sounding text-to-speech (TTS) voices, and translate spoken audio. In the past few years, we are inspired by the ways customers seek our customization features to fine-tune speech recognition to their use cases.

As our speech technology continues to change and evolve, we want to introduce four custom speech-to-text capabilities and their respective customer use cases. With these features, you can evaluate and improve the speech-to-text accuracy for your applications and products. A custom speech model is trained on top of a base model. With a custom model, you can improve recognition of domain-specific vocabulary by providing text data to train the model. You can also improve recognition based on the specific audio conditions of the application by providing audio data with reference transcriptions.

Custom Speech data types and use cases

Our Custom Speech features will let you customize Microsoft's speech-to-text engine. You will be able to customize the language model by tailoring it to the vocabulary of the application and customize the acoustic model to adapt to the speaking style of your users. By uploading text and/or audio data through Custom Speech, you'll be able to create these custom models, combine them with Microsoft's state-of-the-art speech models, and deploy them to a custom speech-to-text endpoint that can be accessed from any device.

Phrase list: A real-time accuracy enhancement feature that does not need model training. For example, in a meeting or podcast scenario, you can add a list of participant names, products, and uncommon jargon using phrase list to boost their recognition.

Plain text: Our simplest custom speech model can be made using just text data. Customers in the media industry use this in use cases such as commentary of sports events. Because each sporting event’s vocabulary differs significantly from others, building a custom model specific to a sport increases accuracy by biasing to the vocabulary of the event.

Structured text: This is text data that boosts patterns of sentences in speech. These patterns could be utterances that differ only by individual words or phrases, for example, “May I speak with name” where name is a list of possible names of individuals. The pattern can link to this list of entities (name in this case), and you can also provide their unique pronunciations.

Audio: You can train a custom speech model using audio data, with or without human-labeled transcripts. With human-labeled transcripts, you can improve recognition accuracy on speaking styles, accents, or specific background noises. For American English, you can now train without needing a labeled transcript to improve acoustic aspects such as slight accents, speaking styles, and background noises.

Research milestones

Microsoft’s speech and dialog research group achieved a milestone in reaching human parity in 2016 on the Switchboard conversational speech recognition task, meaning we had created technology that recognized words in a conversation as well as professional human transcribers. After further experimentation, we then followed up with a 5.1 percent word error rate, exceeding human parity in 2017. A technical report published outlines the details of our system. Today, Custom Speech helps enterprises and developers improve upon the milestones achieved by Microsoft Research.

Customer inspiration

Peloton: In the past, Peloton provided subtitles only for its on-demand classes. But that meant that the signature live experience so valued by members was not accessible to those who are deaf or hard of hearing. While the decision to introduce live subtitles was clear, executing on that vision proved a bit murkier. A primary challenge was determining how automated speech recognition software could facilitate Peloton’s specific vocabulary, including the numerical phrases used for class countdowns and to set resistance and cadence levels. Latency was another issue—subtitles wouldn’t be very useful, after all, if they lagged behind what instructors were saying. Peloton chose Azure Cognitive Services because it was cost-effective and allowed Peloton to customize its own machine learning model for converting speech to text—and was significantly faster than other solutions on the market. Microsoft also provided a team of engineers that worked alongside Peloton throughout the development process.

Speech Services and Responsible AI

We are excited about the future of Azure Speech with human-like, diverse, and delightful quality under the high-level architecture of the XYZ-code AI framework. Our technology advancements are also guided by Microsoft’s Responsible AI process, and our principles of fairness, inclusiveness, reliability and safety, transparency, privacy and security, and accountability. We put these ethical standards into practice through the Office of Responsible AI (ORA)—which sets our rules and governance processes, the AI Ethics and Effects in Engineering and Research (Aether) Committee—which advises our leadership on the challenges and opportunities presented by AI innovations, and Responsible AI Strategy in Engineering (RAISE)—a team that enables the implementation of Microsoft Responsible AI rules across engineering groups.

Get started with Azure Cognitive Services for Speech

You can use Speech Studio to test how custom speech features would help improve recognition for your audio. In addition, start building new customer experiences with Azure Neural TTS and STT. In addition, the Custom Neural Voice capability enables organizations to create a unique brand voice in multiple languages and styles.

Resources

Try out Speech services in the Studio.
Get started with Custom Speech.
Get started with speech to text.
Get started with text to speech.
Get started with Custom Neural Voice.
Get started with speech translation.

Quelle: Azure