Kategorie: Microsoft Azure

Accenture and Microsoft drive digital transformation with OnePlatform on Microsoft Energy Data Services for OSDU™

This post was co-authored by Sacha Abinader, Managing Director, Accenture and Keith Armstron, Senior Manager, Accenture Microsoft Business Group.

Accelerate decision-making and interoperability with the OSDU Data Platform

The OSDU™ Forum is a cross-industry collaboration to develop a common, standards-based, and open platform for the exploration and production (E&P) community with the goal to liberate and enable greater access and insight into your valuable data. The OSDU Data Platform promise is compelling and offers value beyond what can be achieved with in-house solutions through established industry standards and openness to the larger technology ecosystem. Accenture has partnered with Microsoft and collaborated closely with Schlumberger during the Microsoft Energy Data Services preview and development process. In addition to Accenture’s domain expertise and digital integration acumen, the preview experience has allowed Accenture to develop skills and scale a team specific to this offering to enable an operator’s OSDU Data Platform journey at pace. 

As such, the OSDU Data Platform as an industry solution has been a top priority for Accenture with significant investments in skills, people, assets, and our presence and leadership as part of the OSDU Forum.

“We are thrilled to be a services partner for Microsoft Energy Data Services. The partnership with Microsoft and Schlumberger in enabling an open platform has been wonderful. As part of preview, Accenture has been driving for interoperability across the technology ecosystem to bridge siloed teams and has partnered with Schlumberger and several ISVs to make this a reality. We are excited to enable operators to create additional value through improved and accelerated decision making and the development of new workflows and analytics.”—Emma Wild, Managing Director, Global OSDU Lead.

Accenture has been actively involved in the OSDU Data Platform initiative for several years. In addition to our commitment to the OSDU Forum, we have developed our own vision and strategy as to how we can support OSDU Data Platform integration into E&P workflows and how we can increase operators' business capability and data value.

Accenture understands our clients’ challenges and is their partner for complex transformations

Our partners and clients want access to secure, clean, and curated data. To achieve this, they must liberate and migrate their data to the OSDU Data Platform. Our clients are dealing with large and highly complex data sets that have varying quality and formats. They also need to manage their ongoing business using the current and future capabilities of the OSDU Data Platform with its continual improvements of new data types and features. Accenture has planned a strategy that supports the transition from monolithic apps and data to the OSDU Data Platform at pace. Accenture and Microsoft are partners on this transformational journey as seen in Figure 1.

 

Our vision, your value

To be successful we believe there is a need to create and support a solution that provides an end-to-end business capability, focusing on business value and time-to-value acceleration.

Our approach will quickly prepare and present data to the user via the OSDU Data Platform irrespective of its current functionality and capability. By integrating and consolidating data in a standard format and enabling the interoperability of the platform across ISVs, operators can unlock the milestones to the right of the diagram and deliver the accelerated value they’ve been promised.

We think of it as supporting a data life cycle and journey to mitigate perceived risks due to the evolving nature of the OSDU Data Platform while continually improving your business workflows.

Why choose Microsoft Energy Data Services?

We recognize the complexity and risks involved in the transition and migration to the OSDU Data Platform. While energy companies have always managed E&P risk and uncertainty, there is generally a much lower appetite when it comes to IT and digital platforms. As a result, the industry is increasingly seeking packaged solutions or out-of-the-box delivery structures. This enables them to realize the visions promised by the OSDU Data Platform yet still focus on the "day job" and running their operations and business. These solutions and structures help de-risk the journey and minimize disruption to business continuity. Recognizing this, Microsoft developed an open-packaged solution to offer the OSDU Data Platform as a PaaS through Microsoft Energy Data Services. 

Microsoft Energy Data Services was designed to support the energy industry’s ambition to accelerate innovation, develop enhanced insights to drive operational efficiency, and inform new ways of working and workflows. Microsoft Energy Data Services can accelerate the journey to a cloud-based OSDU Data Platform and thus, the path to value.

Accenture and Microsoft Energy Data Services collaboration

Accenture has helped deploy and test Microsoft Energy Data Services through the preview stages to provide feedback to Microsoft Engineering. Accenture is focused on connecting data to business value and working with Microsoft to deliver a fully integrated approach using the OSDU Data Platform to accelerate digital transformation. Accenture demonstrated this during the preview by deploying the Microsoft Energy Data Services solution, ingesting data with OSDU core service tools and Accenture proprietary tools, and stitching together a data workflow across multiple ISVs to validate the openness of the platform. During this process, Accenture has built a team that can help deploy and scale on Microsoft Energy Data Services.

Microsoft Energy Data Services differentiates itself as it will allow and enable:

Integration with virtually any energy dataset, application, or cloud service with built-in tools.
Management for compute-intensive workloads at a global scale.
Compliance with the OSDU Technical Standard for open source innovation.
Ease the deployment of the OSDU Data Platform while providing ongoing platform and management support to align to OSDU Data Platform deployments.
Rapid data ingestion for analytics and decision-making.
Increase operational efficiency and gain global scalability while reducing operational costs.
Comprehensive security and compliance.
Ability to easily leverage native Azure and Microsoft solutions.

Microsoft Energy Data Services further builds on and enables the OSDU Data Platform value drivers:

The ability to access clean and curated historical data under a single data platform.
Open access to innovation and a wider set of technology partners (ISVs).
Removes siloes and barriers between disciplines and lays the foundation for digital transformation.

Accenture’s specific capabilities and toolkit

Data on its own is not the answer, and Accenture has been working hard to offer end-to-end services and tools which connect the full enterprise and business. The journey requires the need to deliver clean data to unlock value through data science, deploy, and roll out these solutions across global operations, and importantly, to instill trust from end users and the business to allow the value to be recognized.

Accenture is spearheading the industry adoption of the OSDU Data Platform to enable energy companies to accelerate their digital transformation. One such platform we are developing is the Accenture OnePlatform, as seen in Figures 3 and 4, which is a working solution to address the current issues and challenges and help execute the data to its maximum limit.

Figure 4: Accenture's OnePlatform Data Workflow.

Accenture OnePlatform is a cloud-agnostic platform and one-stop solution for data extraction, schema mapping, metadata generation, and data ingestion that is operationally efficient. Accenture OnePlatform enables OSDU Data Platform services that are available with just one click without any need for extra plugins or any open source installations. 

Some of the key highlights of Accenture OnePlatform are outlined below:

Orchestration of the OSDU Data Platform: Provide end-to-end delivery of business workflows via a single interface.
Data extraction: Extracting different data types by using a data type converter such as LAS, SegY, or ResQML.
Schema Mapping: Mapping client data with Accenture OnePlatform–compliant data types by using AI/ML models.
Metadata Generation: Generating metadata by using AI rule-based approach.
Data Ingestion: Ingestion workflow. Running on click solution using python utilities.
Data Validation: Validating records using python utilities by adding customized rules.
Data Quality: Intelligent way to set up the rules and do the quality checks automatically.
Knowledge Graph: Build Accenture OnePlatform-based ontology and give the semantic result to the customer.

In addition, the Accenture OnePlatform can serve as an orchestration tool across multiple SaaS ISV solutions. We know interoperability is a key value driver for choosing OSDU. Accenture has played a major role in ISV’s integration by collaborating with various ISVs and Microsoft for collective purpose of consuming the data available in single data platform. Accenture is working with several leading ISVs for development of their applications to fetch data according to the schemas from the OSDU Data Platform and Microsoft Energy Data Services, offering best-in-class interoperability and the ability to deliver end-to-end business workflows. Microsoft Energy Data Services with Accenture’s support has demonstrated the integration of DELFI with multiple ISV applications, such as Interica and Ikon Science, and we were pleased to demonstrate this at the Schlumberger Digital Forum 2022.

Conclusion

In closing, Accenture is committed to being a leading partner to help operators navigate the uncertainties around OSDU Data Platform implementation, manage the risks of deployment, and realize the full value of their data.

We believe Accenture is best placed to deliver on these commitments and enable your value based on our deep industry expertise, investments in accelerators like the Accenture OnePlatform, 14,000+ dedicated oil and gas skilled global practitioners with 250+ OSDU™-trained professionals, and our extensive ecosystem relationships. We are confident that our capabilities and our partnership with Microsoft are key to helping operators execute and scale their OSDU Data Platform transformation with Microsoft Energy Data Services and the interoperability of the platform.

How to work with Accenture on Microsoft Energy Data Services

Microsoft Energy Data Services is an enterprise-grade, fully managed, OSDU Data Platform for the energy industry that is efficient, standardized, easy to deploy, and scalable for data management—for ingesting, aggregating, storing, searching, and retrieving data. The platform will provide the scale, security, privacy, and compliance expected by our enterprise customers.

Learn more

Get started with Microsoft Energy Data Services today.
Learn more about Accenture’s OSDU Capabilities.

Quelle: Azure

Microsoft named a Leader in 2022 Gartner® Magic Quadrant™ for Cloud Infrastructure and Platform Services

Gartner® recently published its 2022 Magic Quadrant™ for Cloud Infrastructure and Platform Services (CIPS) report. For the ninth consecutive year, Microsoft was named a Leader, and for the first time placed furthest on the Completeness of Vision axis.

For years, we’ve understood the industry has trusted Gartner Magic Quadrant reports to provide a holistic review of cloud providers’ capabilities.

Today, we face an uncertain global economy, and as customers consider migrating and modernizing their IT environments, they’re turning to the cloud experts they can trust. Our goal is to be that trusted expert with the most comprehensive cloud platform our customers can rely on to manage their infrastructure and modernize their digital estates, freeing them up to focus on what they do best—create, innovate, and differentiate.

We’re honored by this placement in the Gartner report but know there is more to do, particularly as our customers navigate ongoing uncertainties. As they continue to prioritize cloud investments to build resiliency, we’re committed to making continuous improvements and investments to meet their needs.

From cloud to edge: We help customers innovate anywhere

Our long-standing hybrid and multicloud approach is unique in empowering organizations from any industry, wherever they are in their cloud journey, and for whatever use cases they can dream up, to achieve more with Microsoft Azure.

This approach has long enabled our customers to control and manage their sprawling IT assets, ensure consistency, and meet regulatory and sovereignty requirements. Now, as customers leverage the cloud to build new products and offerings that help them stay agile and competitive, Azure and solutions like Azure Arc help organizations innovate anywhere.

Azure Arc operates as a bridge extending across the Azure platform by allowing applications and services the flexibility to run across datacenters, edge, and multicloud environments. Customers across industries including financial services, retail, consumer goods, and manufacturing are realizing the benefits of Azure Arc to address their unique business needs.

Our investments in Azure Arc continue. At Microsoft Build this year, we announced any Cloud Native Computing Foundation (CNCF)-conformant Kubernetes cluster connected through Azure Arc is now a supported deployment target for Azure application services.

In August, we announced the public preview of Microsoft Dev Box, a managed service that enables developers to create on-demand, high-performance, secure, ready-to-code, project-specific workstations in the cloud so they can work and innovate anywhere. And, more recently at Microsoft Ignite, we announced the availability of Arc-enabled SQL Server and new deployment options for Azure Kubernetes Services enabled by Arc, so customers can run containerized apps regardless of their location.

To help our customers optimize their cloud investments, we have pricing benefits and offers, like Azure Hybrid Benefit, providing a way to use existing on-premises Windows Server and SQL Server licenses on the cloud with no additional cost. We also understand customers may need additional help to ensure workloads remain secure and protected with hybrid flexibility as you move.

Earlier this month, we announced the expansion of Azure Hybrid Benefit to include AKS. Now our customers can deploy the Azure Kubernetes Service on Azure Stack HCI or Windows Server in their own datacenters or edge environments at no additional cost. This ensures a consistent, managed Kubernetes experience from cloud to edge for both Windows and Linux containers.

I am always inspired by the ways our customers use our solutions to do more with less, and at the same time, overcome longstanding security and governance challenges.

Performance, scale, and mission-critical capability for all applications and workloads

We continuously invest to make Azure the best place for customers to run their mission-critical workloads, like SAP. Because of offerings like Azure Center for SAP Solutions, an end-to-end solution to deploy and manage SAP workloads on Azure, we’ve become the platform of choice for SAP apps on the cloud.

We're also making significant investments to support our customers’ largest Windows Server and SQL Server migration and modernization projects, up to 2.5 times more than previous investments1. This will provide even more migration support in two ways: partner assistance with planning and moving workloads, and Azure credits that offset transition costs during the move to Azure Virtual Machines, Azure SQL Managed Instance, and Azure SQL Database.

Global reach and expansion to meet digital sovereignty needs

As the cloud provider with the most datacenter regions—60+ worldwide—we also have a deep commitment to infrastructure expansion for our customers around the world. This year, we launched datacenters in Sweden and Qatar and will launch 10 more regions over the next year.

We also recently launched Microsoft Cloud for Sovereignty for government and public sector customers, designed to meet heightened requirements for data residency, privacy, access control, and operational compliance in cloud and hybrid environments.

Microsoft Cloud and Azure help customers unlock business potential

At Microsoft, we have been through our own digital transformation. We brought products like Microsoft Office to the cloud, and we draw from that experience to empower customers to achieve more through the cloud. We understand the power and promise of technology to help unlock an organization’s potential—for employees, customers, industries, and even society more broadly.

Today Microsoft Azure customers come in all shapes and sizes—from startups to space stations, hybrid to cloud native—and are increasingly capitalizing on the value of the full Microsoft Cloud to enable continuous innovation with integrated solutions.

The National Basketball Association (NBA) is a great example of an organization that chose to migrate its SAP solutions and other resources to Microsoft Azure to improve operations and boost fan engagement. Azure enabled them to spend less time managing technology and focus more on generating fan-centric experiences that bring together business, game, and fan data to enhance the way people can enjoy interacting with the NBA.

Using Azure DevOps and Azure Kubernetes Service, Ernst and Young Global Limited (EY) built more agile practices and shifted into a rolling product-delivery approach for software and services. Now, they’re developing and deploying solutions faster and with more confidence across a wide range of environments.

And global pharmaceutical company Sanofi overcame the limitations of its on-premises infrastructure by adopting a hybrid cloud strategy. They chose Azure as their cloud platform, gaining the speed, agility, and reliability necessary for innovation.

No matter where our customers are in their journey, whether they are migrating, modernizing, or creating new applications in the cloud for their customers, we are here to help them achieve their goals today and empower every organization to build for the future.

Learn more

Read the full complimentary Gartner report.
Learn more about the Azure Migration & Modernization Program (AMMP).
Learn more about Azure Center for SAP.
Read about how organizations can stay resilient by optimizing their cloud investments.
Learn how developers can accelerate innovation on Microsoft Cloud.
Read the latest on how Azure powers your app innovation and modernization with the choice of control and productivity to deploy apps at scale.
Learn more about the Microsoft Dev Box.
Read Jessica Hawk’s blog post about Microsoft as a leader in the 2022 Gartner Magic Quadrant for Data and Integration Tools.
Get started with a free Azure account.

 

 

Gartner, Magic Quadrant for Cloud Infrastructure and Platform Services, 19 October 2022, Raj Bala, Dennis Smith, Kevin Ji, David Wright, and Miguel Angel Borrega.
 
This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Microsoft. GARTNER and Magic Quadrant are registered trademarks and service marks of Gartner, Inc. and its affiliates in the United States and internationally and are used herein with permission. All rights reserved. Gartner does not endorse any vendor, product, or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

1 based on project eligibility through the Azure Migration and Modernization Program.
Quelle: Azure

Forrester Total Economic Impact study: Azure Arc delivers 206 percent ROI over 3 years

Businesses today are building and running cloud-based applications to drive their business forward. As these applications are built they need to take full advantage of the agility, efficiency, and speed of cloud innovation. However, not all applications and infrastructure they run on can physically reside in the public cloud. That’s why 86 percent of enterprises plan to increase investment in hybrid or multicloud environments.

We’re building Azure to meet you where you are, so you can do more with your existing investments. We also want you to be able to stay agile and flexible when extending Azure to your on-premises, multicloud, and edge environments.

Azure Arc delivers on these needs. Azure Arc is a bridge that extends the Azure platform so you can build applications and services with the flexibility to run across datacenters, edge, and multicloud environments.

For the 2022 commissioned study, The Total Economic Impact™ of Microsoft Azure Arc for Security and Governance, Forrester Consulting interviewed four organizations with experience using Azure Arc. These organizations serve global markets in the industries of manufacturing, energy, and financial services. According to the aggregated data, Azure Arc demonstrated:

A 206 percent return on investment (ROI) over three years with payback in less than six months.
A 30 percent gain in productivity for IT Operations team members.
An 80 percent reduction in risk of data breach from unsecured infrastructure.
A 15 percent reduction in spending on third-party tools, saving on expenses.

The Forrester study provides a framework for organizations wanting to evaluate the potential financial impact on their organizations of using Azure Arc for infrastructure security and governance. Forrester found that organizations with hybrid or multicloud strategies can realize productivity gains and reduce security risks by using Microsoft Azure Arc to secure and govern non-Azure infrastructure alongside Azure resources.

Productivity gains with Azure Arc’s single-pane view

The organizations in Forrester’s study reported that after implementing Azure Arc, their IT Operations personnel realized a 30 percent gain in productivity from savings in time spent on regular duties such as configuring and updating infrastructure, managing policies and permissions, troubleshooting, and resolving issues, and other tasks that don’t directly drive business. With Azure Arc, IT teams can observe, secure, and govern diverse infrastructure and applications from a single pane of glass in Azure—leveraging Azure services enables them to be more agile, respond more efficiently, and frees time to serve business interests with higher-value tasks.

“We’re just making everyone’s lives so much easier so they can do other things. If there is an issue, for example, you don’t have to spend a week troubleshooting.”—Architect, Cloud products, Energy.

Cost savings and streamlined infrastructure through the Azure portal

Most organizations today run a mix of applications in on-premises datacenters, in the cloud, and at the edge. These disparate environments often result in investments in multiple management tools specific to the technology platforms, resulting in tool sprawl and excessive costs.

By moving to a single view of infrastructure and resources in the Azure portal enabled by Azure Arc, organizations could eliminate their legacy management tools, reducing licensing expenditures and eliminating costly on-premises management infrastructure. With Azure’s flexible consumption-based pricing, they are no longer locked into long-term contracts or capacity limits.

The composite organization in the Forrester study saved $900,000 in year three from reduced spending on third-party tools—a 15 percent decrease.

"When I do dive in, I actually have a faster understanding of [our infrastructure]. So the benefit to me is that I have greater visibility—I need to ask [the team] fewer questions. The [Azure Arc] dashboard is […] very easy."—VP of IT, Finance.

Microsoft Defender for Cloud and Microsoft Sentinel modernize security operations

Azure Arc helps organizations combat rapidly evolving security threats with increased efficiency by enabling the use of Microsoft security services such as Microsoft Defender for Cloud and Microsoft Sentinel across hybrid and multicloud environments.

Forrester found that the composite organization lowered the risk of a data breach from unsecured infrastructure by 80 percent after adopting Azure Arc and Microsoft security services. After onboarding Azure Arc, the organization uncovered noncompliant assets running on-premises or in edge environments and updated them to the latest security standards. This results in the savings of hundreds of thousands of dollars that would have been spent otherwise on managing breaches.

"With Azure Arc, we gained real insights into our infrastructure, including infrastructure [another cloud provider]. That helped us identify architecture [gaps] as well as controls to improve security compliance. [With Azure Arc], we found that around 20 percent of our infrastructure had been noncompliant."—Deputy IT Director, Manufacturing.

Learn more

Azure Arc is a bridge that extends the Azure platform to help customers build applications and services with the flexibility to run across datacenters, at the edge, and in multicloud environments. Get started today and do more with your existing investments. We welcome you to try it for free. You can also learn more about how other customers are using Azure Arc to innovate anywhere.

Download the full report: The Total Economic Impact™ of Microsoft Azure Arc for Security and Governance.
To learn more about Azure Arc, visit our website.

Quelle: Azure

Introducing Vision Studio, a UI-based demo interface for Computer Vision

Are you looking to improve the analysis and management of images and videos? The Computer Vision API provides access to advanced algorithms for processing media and returning information. By uploading a media asset or specifying a media asset’s URL, Azure’s Computer Vision algorithms can analyze visual content in different ways based on inputs and user choices, tailored to your business.

Want to try out this service with samples that return data in a quick, straightforward manner, without technical support? We are happy to introduce Vision Studio in preview, a platform of UI-based tools that lets you explore, demo and evaluate features from Computer Vision, regardless of your coding experience. You can start experimenting with the services and learning what they offer, then when ready to deploy, use the available client libraries and REST APIs to get started embedding these services into your own applications.

Overview of Vision Studio

Each of the Computer Vision features has one or more try-it-out experiences in Vision Studio. To use your own images in Vision Studio, you'll need an Azure subscription and a resource for Cognitive Services for authentication. Otherwise, you can try Vision Studio without logging in, using our provided set of sample images. These experiences help you quickly test the features using a no-code approach that provides JSON and text responses. In Vision Studio, you can try out the following services:

What's new to try in Vision Studio

Optical Character Recognition (OCR)

The optical character recognition (OCR) service allows you to extract printed or handwritten text from images, such as photos of street signs and products, as well as from documents—invoices, bills, financial reports, articles, and more. Try it out in Vision Studio using your own images to extract text.

Spatial Analysis

The Spatial Analysis service analyzes the presence and movement of people on a video feed and produces events that other systems can respond to. Try it out in Vision Studio using samples we provide, to see how spatial analysis will improve retail operations.

Face

The Face service provides AI algorithms that detect, recognize, and analyze human faces in images. Facial recognition software is important in many different scenarios, such as identity verification, touchless access control, and face blurring for privacy. Apply for access to the Face API service to try out identity recognition and verification in Vision Studio.

Image Analysis

The Image Analysis service extracts many visual features from images, such as objects, faces, adult content, and auto-generated text descriptions to improve accessibility. Try it out in Vision Studio using your own images to accurately identify objects, moderate content and caption images.

Responsible AI in Vision

We offer guidance for the responsible use of these capabilities based on Microsoft AI’s principles of fairness, reliability and safety, privacy and security, inclusiveness, transparency, and human accountability. The Responsible AI Standard sets out our best thinking on how we will build AI systems to uphold these values and earn society’s trust. It provides specific, actionable guidance for our teams that goes beyond the high-level principles that have dominated the AI landscape to date.  Learn more about Responsible AI in Vision. 

Next steps

Go to Vision Studio to begin using features offered by the service.
For more information on the features offered, see the Azure Computer Vision overview.

Quelle: Azure

Microsoft Cost Management updates—October 2022

Whether you're a new student, a thriving startup, or the largest enterprise, you have financial constraints, and you need to know what you're spending where, and how to plan for the future. Nobody wants a surprise when it comes to the bill, and this is where Microsoft Cost Management comes in.

We're always looking for ways to learn more about your challenges and how Microsoft Cost Management can help you better understand where you're accruing costs in the cloud, identify and prevent bad spending patterns, and optimize costs to empower you to do more with less. Here are a few of the latest improvements and updates based on your feedback:

Introducing Azure savings plans.
Group costs by Azure Virtual Desktop host pool.
Azure Advisor score now generally available.
Help shape the future of cost management for cloud services.
Cost optimization using Azure Migrate.
Drive efficiency through automation and AI.
What's new in Cost Management Labs.
New ways to save money with Microsoft Cloud.
New videos and learning opportunities.
Documentation updates.
Join the Microsoft Cost Management team.

Let's dig into the details.

Introducing Azure savings plans

As a cloud provider, we are committed to helping our customers get the most value out of their cloud investment through a comprehensive set of pricing models, offers and benefits that adapt to customer’s unique needs. Today, we are announcing Azure savings plan. With this new pricing offer, customers will have an easy and flexible way to save up to 65 percent on compute costs, compared to pay-as-you-go pricing, in addition to existing offers in market including Azure Hybrid Benefit and Reservations.

Azure savings plans lower prices on select Azure services with a commitment to spend a fixed hourly amount for one or three years. You choose whether to pay all upfront or monthly at no extra cost. As you use services such as virtual machines (VMs) and container instances across the world, their usage is covered by the plan at reduced prices, helping you get more value from your cloud budget. During the times when usage is above the hourly commitment, you’ll be billed at your regular on-demand rates.

Azure savings plan is available for the following services today:

Virtual machines
App Service
Azure Functions premium plan
Container instances
Dedicated hosts

To learn more, see Optimize and maximize cloud investment with Azure savings plan for compute.

Group costs by Azure Virtual Desktop host pool

Many organizations use Azure Virtual Desktop to virtualize applications, often as part of their cloud migration strategy. These applications can cover anything from pure virtual machines to SQL databases, web apps, and more. With such a broad set of connected services, you can imagine how difficult it might be to visualize and manage costs. To help streamline this process and deliver a holistic view of costs rolling up to your Azure Virtual Desktop host pools, Cost Management now supports tagging resource dependencies to group them under their logical parent within the cost analysis preview, making it easier than ever to see the cost of your Azure Virtual Desktop workloads.

To get started, simply apply the cm-resource-parent tag to the virtual machines and/or other child resources you want to see rolled up to your host pool. Set the tag value to be the full resource ID of the host pool. Once the tag is applied, all new usage data will start to be grouped under the parent resource.

For a guided walkthrough, check out the following videos:

The Real Cost Of Cloud Applications (6 minutes)—Walks through how to enable resource parenting manually in the portal.
If Only I Knew THIS About Azure 5 Years Ago (5 minutes)—Walks through how to enable resource parenting via Azure Policy.

To learn more, see Group costs by host pool with Cost Management now in Public Preview for Azure Virtual Desktop. To learn more about the cm-resource-parent tag and how to group resources of any type, see Group related resources in the cost analysis preview.

Azure Advisor score now generally available

Azure Advisor score offers you a way to prioritize the most impactful Advisor recommendations to optimize your deployments using the Azure Well-Architected Framework. Advisor displays your category scores and your overall Advisor score as percentages. A score of 100 percent in any category means all your resources, assessed by Advisor, follow the best practices that Advisor recommends. On the other end of the spectrum, a score of 0 percent means that none of your resources, assessed by Advisor, follow Advisor recommendations.

Advisor score now supports the ability to report on specific workloads using resource tag filters in addition to subscriptions. For example, you can now omit non-production resources from the score calculation. You can also track your progress over time to understand whether you are consistently maintaining healthy Azure deployments.

To learn more, see Optimize Azure workloads by using Advisor Score.

Help shape the future of cost management for cloud services

Are you responsible for managing purchases, cost, and commerce for your cloud services and SaaS (software as a service) products? Do you perform tasks such as acquisition, account management, cost management, billing, and cost optimization for those services? Do your job responsibilities cover scenarios such as understanding cloud solution spending, discovering resources/services needed, acquiring licenses/subscriptions, monitoring spending over time, analyzing resource utilization, updating licenses/subscriptions, and paying invoices?

If so, we are interested in having an hour-long conversation with you. Please send an email to CE_UXR@microsoft.com to highlight your interest and we will get back to you.

Cost optimization using Azure Migrate

During Microsoft Ignite, we highlighted our continued commitment to cost optimization through support for SQL Server assessments, prior to migration and modernization using Azure Migrate. Customers can now perform unified, at-scale, agentless discovery and assessment of SQL Servers on Microsoft Hyper-V, bare-metal servers, and infrastructure as a service (IaaS) of other public clouds, such as AWS EC2, in addition to VMware environments. The capability will allow customers to analyze existing configurations, performance, and feature compatibility to help with right-sizing and estimating cost. It will also check on readiness and blockers for migrating to Azure SQL Managed instance, SQL Server on Azure virtual machine, and Azure SQL Database. All this information can also be presented in a single coherent report for easy consumption while reducing cost for customers.

Please see our tech community blog for more details. The blog presents a step-by-step procedure to get started, followed by details on scaling and support. Post-assessment options and more details on related topics are covered as well.

Drive efficiency through automation and AI

This year at Microsoft Ignite we explore how organizations can activate AI and automation directly in their business workflows and empower developers to use those same intelligent building blocks to deliver their own differentiated experiences.

The global pandemic has created unprecedented levels of uncertainty, as well as the need to sense and reshape our physical and digital environments, sometimes in completely new ways. Leaders across industries recognize innovation as the only path forward. Critically, we’ve seen a shift from “innovation for innovation’s sake” toward a desire to lower operating costs, anticipate trends, reduce carbon footprints, and improve customer and employee experiences. We’re calling this commitment to innovation “digital perseverance.”

Read the full blog post to learn about automation opportunities through Microsoft Syntex and Power Platform.

What's new in Cost Management Labs

With Cost Management Labs, you get a sneak peek at what's coming in Microsoft Cost Management and can engage directly with us to share feedback and help us better understand how you use the service, so we can deliver more tuned and optimized experiences. Here are a few features you can see in Cost Management Labs:

Forecast in the cost analysis preview. 
Show your forecast cost for the period at the top of the cost analysis preview. You can opt in using Try preview.
Group related resources in the cost analysis preview. 
Group related resources, like disks under VMs or web apps under App Service plans, by adding a “cm-resource-parent” tag to the child resources with a value of the parent resource ID.
Charts in the cost analysis preview. 
View your daily or monthly cost over time in the cost analysis preview. You can opt in using Try Preview.
View cost for your resources. 
The cost for your resources is one click away from the resource overview in the preview portal. Just click View cost to quickly jump to the cost of that resource.
Change scope from the menu. 
Change scope from the menu for quicker navigation. You can opt-in using Try Preview.

Of course, that's not all. Every change in Microsoft Cost Management is available in Cost Management Labs a week before it's in the full Azure portal or Microsoft 365 admin center. We're eager to hear your thoughts and understand what you'd like to see next. What are you waiting for? Try Cost Management Labs today.

New ways to save money in the Microsoft Cloud

New and updated general availability offers:

Microsoft Teams Premium.
Reserved capacity for Azure Backup Storage.
Azure Hybrid Benefit for AKS and Azure Stack HCI.
Azure Monitor Logs capabilities to add value and lower costs.
Zone-redundant storage support by Azure Backup.
Stream Analytics in Qatar Central.

New previews:

Include standard and Spot VMs in the same Virtual Machine Scale Set.
Azure Firewall Basic.
Azure NetApp Files backup in Southeast Asia and UK South.

New videos and learning opportunities

If you manage related resources and are looking for a simpler way to view costs across resources, you’ll want to check out these new videos:

The Real Cost Of Cloud Applications (6 minutes).
If Only I Knew THIS About Azure 5 Years Ago (5 minutes).

Follow the Microsoft Cost Management YouTube channel to stay in the loop with new videos as they’re released and let us know what you'd like to see next.

Want a more guided experience? Start with Control Azure spending and manage bills with Microsoft Cost Management.

Documentation updates

Here are two documentation updates you might be interested in if you use reservations or are interested in more flexible ways to save money in Azure:

New: Save with Azure savings plans.
Updated: Self-service exchanges and refunds for Azure Reservations.

Want to keep an eye on all documentation updates? Check out the Cost Management and Billing documentation change history in the azure-docs repository on GitHub. If you see something missing, select Edit at the top of the document and submit a quick pull request. You can also submit a GitHub issue. We welcome and appreciate all contributions!

Join the Microsoft Cost Management team

Are you excited about helping customers and partners better manage and optimize costs? We're looking for passionate, dedicated, and exceptional people to help build best in class cloud platforms and experiences to enable exactly that. If you have experience with big data infrastructure, reliable and scalable APIs, or rich and engaging user experiences, you'll find no better challenge than serving every Microsoft customer and partner in one of the most critical areas for driving cloud success.

Watch the video below to learn more about the Microsoft Cost Management team:

Join our team.

What's next?

These are just a few of the big updates from last month. Don't forget to check out the previous Microsoft Cost Management updates. We're always listening and making constant improvements based on your feedback, so please keep the feedback coming.

Follow @MSCostMgmt on Twitter and subscribe to the YouTube channel for updates, tips, and tricks. You can also share ideas and vote up others in the Cost Management feedback forum.

We know these are trying times for everyone. Best wishes from the Microsoft Cost Management team. Stay safe and stay healthy.
Quelle: Azure

Image Analysis 4.0 with new API endpoint and OCR model in preview

Enterprises and hobbyists alike have been using Azure Computer Vision’s Image Analysis API to garner various insights from their images. These insights help power scenarios such as digital asset management, search engine optimization (SEO), image content moderation, and alt text for accessibility among others. 

Newly improved features including read (OCR)

We are thrilled to announce the preview release of Computer Vision Image Analysis 4.0 which combines existing and new visual features such as read optical character recognition (OCR), captioning, image classification and tagging, object detection, people detection, and smart cropping into one API. One call is all it takes to run all these features on an image. 

The OCR feature integrates more deeply with the Computer Vision service and includes performance improvements that are optimized for image scenarios that make OCR easy to use for user interfaces and near real-time experiences. Read now supports 164 languages including Cyrillic, Arabic, and Hindi.

Tested at scale and ready for deployment 

Microsoft’s own products from PowerPoint, Designer, Word, Outlook, Edge, and LinkedIn are using Vision APIs to power design suggestions, alt text for accessibility, SEO, document processing, and content moderation. 

You can get started with the preview by trying out the visual features with your images on Vision Studio. Upgrading from a previous version of the Computer Vision Image Analysis API to V4.0 is simple with these instructions.

We will continue to release breakthrough vision AI through this new API over the coming months, including capabilities powered by the Florence foundation model featured in this year’s premiere computer vision conference keynote at CVPR. 

Additional Computer Vision services

Spatial Analysis is also in preview. You can use the spatial analysis feature to create apps that can count people in a room, understand dwell times in front of a retail display, and determine wait times in lines. Build solutions that enable occupancy management and social distancing, optimize in-store and office layouts, and accelerate the checkout process. By processing video streams from physical spaces, you're able to learn how people use them and maximize the space's value to your organization.

The Azure Face service provides AI algorithms that detect, recognize, and analyze human faces in images. Facial recognition software is important in many different scenarios, such as identity verification, touchless access control, and face blurring for privacy. Face service access is limited based on eligibility and usage criteria in order to support our Responsible AI principles. Face service is only available to Microsoft managed customers and partners. Use the Face Recognition intake form to apply for access. For more information, see the Face limited access page.

Computer Vision and Responsible AI

We are excited to see how our customers use Computer Vision’s Image Analysis API with these new and updated features. Our technology advancements are also guided by Microsoft’s Responsible AI process, and our principles of fairness, inclusiveness, reliability and safety, transparency, privacy and security, and accountability. We put these ethical standards into practice through the Office of Responsible AI (ORA)—which sets our rules and governance processes, the AI Ethics and Effects in Engineering and Research (Aether) Committee—which advises our leadership on the challenges and opportunities presented by AI innovations, and Responsible AI Strategy in Engineering (RAISE)—a team that enables the implementation of Microsoft Responsible AI rules across engineering groups.

Get started

Start improving how you analyze images with Image Analysis 4.0 with a unified API endpoint and a new OCR Model. 

Computer Vision documentation.
Image Analysis documentation. 
Quick Start for Image Analysis. 
Vision Studio for demoing product solutions.

Quelle: Azure

Azure Scales 530B Parameter GPT-3 Model with NVIDIA NeMo Megatron

This post was co-authored by Hugo Affaticati, Technical Program Manager, Microsoft Azure HPC + AI, and Jon Shelley, Principal TPM Manager, Microsoft Azure HPC + AI.

Natural language processing (NLP), automated speech recognition (ASR), and text-to-speech (TTS) applications are becoming increasingly common in today’s world. Most companies have leveraged these technologies to create chatbots for managing customer questions and complaints, streamlining operations, and removing some of the heavy cost burden that comes with headcount. But what you may not realize is they’re also being used internally to reduce risk and identify fraudulent behavior, reduce customer complaints, increase automation, and analyze customer sentiment. It’s prevalent in most places, but especially in industries such as healthcare, finance, retail, and telecommunications.

NVIDIA recently released the latest version of the NVIDIA NeMo Megatron framework, which is now in open beta. This framework can be used to build and deploy large language models (LLMs) with natural language understanding (NLU).

Combining NVIDIA NeMo Megatron with our Azure AI infrastructure offers a powerful platform that anyone can spin up in minutes without having to incur the costs and burden of managing their own on-premises infrastructure. And of course, we have taken our benchmarking of the new framework to a new level, to truly show the power of the Azure infrastructure.

Reaching new milestones with 530B parameters

We used Azure NDm A100 v4-series virtual machines to run the GPT-3 model's new NVIDIA NeMo Megatron framework and test the limits of this series. NDm A100 v4 virtual machines are Azure’s flagship GPU offerings for AI and deep learning powered by NVIDIA A100 80GB Tensor Core GPUs. These instances have the most GPU memory capacity and bandwidth, backed by NVIDIA InfiniBand HDR connections to support scaling up and out. Ultimately, we ran a 530B-parameter benchmark on 175 virtual machines, resulting in a training time per step of as low as 55.7 seconds (figure1). This benchmark measures the compute efficiency and how it scales by measuring the time taken per step to train the model after steady state is reached, with a mini-batch size of one. Such outstanding speed would not have been possible without InfiniBand HDR providing excellent communication between nodes without increased latency.

Figure 1: Training time per step on the 530B-parameter benchmark from 105 to 175 virtual machines.

These results highlight an almost linear speed increase, guaranteeing better performance for a higher number of nodes—paramount for heavy or time-sensitive workloads. As shown by these runs with billions of parameters, customers can rest assured that Azure’s infrastructure can handle even the most difficult and complex workloads, on demand.

“Speed and scale are both key to developing large language models, and the latest release of the NVIDIA NeMo Megatron framework introduces new techniques to deliver 30 percent faster training for LLMs,” said Paresh Kharya, senior director of accelerated computing at NVIDIA. “Microsoft’s testing with NeMo Megatron 530B also shows that Azure NDm A100 v4 instances powered by NVIDIA A100 Tensor Core GPUs and NVIDIA InfiniBand networking provide a compelling option for achieving linear training speedups at massive scale.”

Showcasing Azure AI capabilities—now and in the future

Azure’s commitment is to make AI and HPC accessible to everyone. It includes, but is not limited to, providing the best AI infrastructure that scales from the smallest use cases to the heaviest workloads. As we continue to innovate to build the best platform for your AI workloads, our promise to you is to use the latest benchmarks to test our AI capabilities. These results help drive our own innovation and showcase that there is no limit to what you can do. For all your AI computing needs, Azure has you covered.

Learn more

To learn more about the results or how to recreate them, please see the following links.

A quick start guide to benchmarking LLM models in Azure: NVIDIA NeMo Megatron—Results.
A quick start guide to benchmarking LLM models in Azure: NVIDIA NeMo Megatron—Steps.

Quelle: Azure

Azure Virtual WAN simplifies networking needs

Today we are excited to make announcements in multiple areas of Azure Virtual WAN (vWAN), networking as a service that brings networking, security, and routing functionalities together to provide a single operational interface. As enterprises increasingly adopt the cloud while reducing their costs, IT teams looking to consolidate, accelerate, or even revamp their wide area network should consider Azure Virtual WAN. You don't need to have all these use cases to start using Virtual WAN—you can get started with just one. With ease of use and simplicity built in, vWAN is a one-stop shop to connect, protect, route traffic, and monitor your wide area network.

“Microsoft Azure Virtual WAN is driving outcomes for Accenture. Migrating 250+ corporate networks to Virtual WAN with code-based deployments creates flexible, cheaper, and consistent networks for our customers. We can now easily connect new work sites in hours.”—Conrad Johnson, Cloud Networks Service Director, Accenture.

The following areas have key announcements:

Remote user connectivity (also known as point-to-site VPN).
Routing.
Branch connectivity (also known as site-to-site VPN).
Private connectivity (also known as ExpressRoute).
Third-Party Network Virtual Appliance Integrations.

Remote-user connectivity (also known as point-to-site VPN)

Multipool user group support preview

Multipool user group support for remote-user (point-to-site) VPN allows you to assign different IP address pools to connecting users based on their credentials. With this feature, you can segment your remote users into distinct groups, assign each group unique IP addresses and use the assigned IPs to control and restrict access to business-critical applications hosted both in Azure and on-premises.

User groups within a Virtual WAN can be defined based on Azure Active Directory membership, Certificate Common Name domain or custom RADIUS attributes.

In this example, Contoso corporation has three departments, human resources, finance, and engineering. Contoso also has an on-premises datacenter hosting several business applications connected to Virtual WAN via an ExpressRoute circuit. Contoso leverages Azure Active Directory groups and Virtual WAN remote user/point-to-site VPN groups to segment and assigns different IPs to HR, finance, and engineering users.

Contoso then configures Azure Firewall and on-premises Firewall rules to allow each functional department to only access relevant applications. For example, Azure Firewall is configured to restrict access to applications in the HR VNet to HR Users. Likewise, on-premises firewalls are also configured to allow users access to applications based on need.

To learn more, read about the underlying concepts behind remote-user connectivity and watch a step-by-step tutorial.

Routing

Secure hub routing intent preview

Routing intent and routing policies allow you to simplify securing your Azure Virtual WAN deployments. With a single click, you can send all traffic (including inter-region and branch-to-branch) to be inspected by Azure Firewall or select Next-Generation Firewall (NGFW) Network Virtual Appliances deployed in the virtual WAN hub. Virtual WAN’s router manages this all for you dynamically by using BGP so that you can avoid error-prone configurations.1

Configuring a routing policy on a hub makes that hub a regional security boundary—all traffic entering or leaving that hub will be sent to Azure Firewall or NVA of choice for inspection before being forwarded to its destination. Routing policies allow you to deploy Azure Firewall/NVA as a bump-in-the-wire solution to inspect East-West (VNet-to-VNet, branch-to-branch (ExpressRoute, P2S VPN, S2S VPN), North-South (branch-to-VNet) traffic between resources connected to the same hub and different hubs. Azure Firewall or a Network virtual appliance Firewall can also serve as the egress point for internet traffic for Virtual Networks and on-premises.

For more information on how to use routing intent and policies, please see how to configure Virtual WAN Hub routing policies.
For a list of available Next-Generation Firewall (NGFW) NVA’s deployed in the hub and appropriate instructions for deploying and accessing previews, please see our Network Virtual Appliances documentation.

Hub routing preference (HRP) is generally available

When a virtual hub router learns multiple routes across S2S VPN, ER, and SD-WAN NVA connections for a destination route prefix on-premises, the virtual hub router makes routing decisions using a built-in route selection algorithm. Being able to select virtual hub routing preference provides the ability to influence routing decisions in a virtual hub router for traffic flowing towards on-premises.

Hub routing preference gives you more control over your infrastructure by allowing you to select how your traffic is routed when a virtual hub router learns multiple routes across S2S VPN, ER and SD-WAN NVA connections. Hub routing preference provides the ability to select between ExpressRoute, AS Path, and VPN to create your desired traffic flow.

Routes are selected in the following order:

Select routes with Longest Prefix Match (LPM).
Prefer static routes over BGP routes.
Hub routing preference lets you select between ExpressRoute, AS Path, and VPN.

For more information on hub routing preference, please see Virtual WAN virtual hub routing preference – Preview – Azure Virtual WAN | Microsoft Learn.

Bypass next hop IP for workloads within a spoke VNet connected to the virtual WAN hub generally available

One of Virtual WANs most popular routing use cases is deploying an NVA in a spoke VNet attached to a virtual WAN hub, then routing traffic through the NVA. Bypassing next hop IP for workloads within a spoke VNet connected to the virtual WAN hub lets you deploy and access other resources in the VNet with your NVA without any additional configuration.

Bypassing next hop IP for workloads within a spoke VNet connected to the virtual WAN hub allows you to have greater flexibility in how you deploy NVAs. This feature allows you to deploy NVAs and other workloads into the same VNet without forcing all the traffic through the NVA.

Learn how to configure virtual hub routing and more about Bypass next hop IP for workloads within a spoke VNet connected to the virtual WAN hub.

Border Gateway Protocol (BGP) Peering with a virtual hub is generally available

BGP Peering with a virtual hub exposes the ability to peer with the virtual hub router directly using the Border Gateway Protocol (BGP) routing protocol. This feature now eliminates the need to configure static routes between a Network Virtual Appliance (NVA) and the virtual hub router.

BGP Peering with a virtual hub enables you to deploy an NVA in a spoke VNet and dynamically exchange routes with your branch and on-premises sites. You can then peer that same NVA with the virtual hub dynamically using BGP. Now you can exchange routes between your branch and the virtual hub without using static routes!

Read more about BGP peering with a virtual hub on Microsoft Learn.
Learn how to configure BGP peering to an NVA virtual hub.

Branch connectivity (also known as site-to-site VPN)

BGP dashboard is now generally available

The BGP dashboard provides the ability to monitor BGP peers, advertised routes, and learned routes for your site-to-site VPNs configured to use BGP in one place.

The BGP dashboard provides greater visibility into your branch offices connected to Virtual WAN. You now have the ability to see what routes your branch office is sending to the virtual WAN router, while also seeing what routes the Virtual WAN router is sending to your branch offices.

See more information on how to monitor S2S VPN BGP routes on the BGP dashboard.

For customers that want to use a non-vWAN VPN gateway, also known as a Virtual Network gateway, which can be used to set up a site-to-site connection within Azure to a Virtual WAN system, the following Virtual WAN–enabled capabilities are worth checking out.

Virtual Network Gateway VPN over ExpressRoute private peering (AZ and non-AZ regions) is generally available

Customers can now use VPN over ExpressRoute private peering connectivity in non-AZ regions. Earlier, this feature was only available for regions having availability zones. The following gateway SKUs can be used for setting up VPN connectivity:

VpnGw1/2/3/4/5 SKUs with standard public IP for regions with no availability zones
VpnGw1AZ/2AZ3AZ/4AZ/5AZ SKUs with standard public IP for regions having one or more availability zones

Point-to-site users connecting to a virtual network gateway can use ExpressRoute (via the site-to-site tunnel) to access on-premises resources.

Customers can deploy site-to-site VPN connections over ExpressRoute private peering at the same time as site-to-site VPN connection via the Internet on the same VPN gateway.

Read more information on this new feature.

Custom traffic selectors (portal)–generally available

Customers may want to set traffic selectors to narrow down address prefixes from both ends of a VPN tunnel. Custom traffic selectors are particularly useful for customers who have large VNet address spaces but want to use one of their subnets for IPsec/IKE negotiation. Customers can add custom traffic selectors when creating a new connection or update an existing connection.

Earlier, we enabled custom traffic selectors using PowerShell. Customers can now also use the portal to set custom traffic selectors on their Virtual Network Gateway VPN connections.

The TrafficSelectorPolicy parameter consists of an array of traffic selectors, with each traffic selector holding a collection of local and remote address ranges in CIDR format.

See more information on setting up traffic selectors.

High availability for Azure VPN client using secondary profile is generally available

Customers can now use Azure VPN client in Windows to add a secondary gateway preference in their primary gateway configuration. This feature improves connection availability for point-to-site customers by having a pre-configured additional profile. If for some reason, the primary gateway encounters an outage, VPN client will automatically failover to connect with the secondary gateway.

See more information on Azure VPN client using secondary profile.

Private connectivity (also known as ExpressRoute)

ExpressRoute circuit with visibility of Virtual WAN connection

Previously in Azure Portal, when navigating to an ExpressRoute circuit connected to a Virtual WAN hub, the ExpressRoute circuit’s Connections page did not display the connections to the virtual hub’s ExpressRoute gateway. With this feature, these connections to the virtual hub’s ExpressRoute gateways are now visible.

By displaying these connections to the ExpressRoute gateways in the virtual hub, this feature provides you with more visibility into your Azure architecture. Not only does this enable you to gain a deeper understanding of your topology, but this will allow you to better monitor and troubleshoot your ExpressRoute connectivity.

Watch a tutorial on how to create an ExpressRoute association to Azure Virtual WAN.

Third-party integrations

Fortinet SDWAN is generally available

We are pleased to announce the general availability of Fortinet SD-WAN in Virtual WAN. Fortinet’s security-driven approach consolidates next-generation Azure Firewall and SD-WAN into a single set of hassle-free solutions to deploy and bootstrap highly available virtual appliances and provide full security inspection at the point of cloud connectivity.

Fortinet SD-WAN dynamically exchanges routes with the Virtual Hub Router using BGP to effortlessly simplify routing between Fortinet SD-WAN branch devices, your applications hosted in Azure Virtual Networks, and services hosted on ExpressRoute-connected on-premises.2

Find more information about Network Virtual Appliances in Virtual WAN on Microsoft Learn.
Read more about Fortinet SD-WAN in Virtual WAN.

Aruba EdgeConnect Enterprise SDWAN preview

We are pleased to announce the preview of Aruba EdgeConnect Enterprise SD-WAN solution in Azure Virtual WAN. The Aruba EdgeConnect Enterprise SD-WAN solution delivers optimized, secured, and automated branch connectivity to, and through, Azure.

The Aruba EdgeConnect Enterprise solution provides a fully-automated, scalable, and software-defined experience connecting branch offices and data centers to Azure Virtual WAN with application-aware traffic steering.

See more on how to deploy the Aruba EdgeConnect Enterprise SD-WAN in Virtual WAN.
Read about Integrated Network Virtual Appliances in Virtual WAN on Microsoft Learn.

Checkpoint NG Firewall preview

We are pleased to announce the preview of Check Point’s Next-Generation Firewall in Virtual WAN. This deep integration allows you to deploy a Check Point Cloud Guard Network Security (CGNS) NVA in the Virtual WAN hub, which lets you enjoy Check Point capabilities without having to worry about provisioning high availability, bootstrapping, or managing upgrades. A major benefit of this NVA integration is simplified routing, as the NVA peers use BGP with the Virtual WAN hub router, which intelligently handles routing decisions within and across Virtual WAN hubs.

Check Point CGNS provides many next-generation firewall capabilities, such as advanced threat detection to prevent malware attacks. In addition, you can configure Check Point security policies via a single pane of glass with Check Point Security Management.2

Watch a demo on this integration.
Read more about the Check Point Azure Virtual WAN security solution announcement.
Find more information about Integrated Network Virtual Appliances on Microsoft Learn.

We want your feedback

We look forward to continuing to build out Azure Virtual WAN and adding more capabilities in the future. We encourage you to try out Azure Virtual WAN and its new features and look forward to hearing more about your experiences and so we can incorporate your feedback into the product.

Learn more

For additional information, please explore these resources:

What's new in Azure Virtual WAN?.
Virtual WAN documentation.

 

 

1. Support for inter-region traffic inspection is currently rolling out and is available today for a limited set of regions. To learn more, please reach out to previewinterhub@microsoft.com.

2. NGFW use cases for Routing Intent are currently in preview. Please see Routing Intent section above for more details.
Quelle: Azure

Leverage SFTP support for Azure Blob Storage to build a unified data lake

Today, we are announcing that SSH File Transfer Protocol (SFTP) support for Azure Blob Storage is generally available. SFTP support for Azure Blob Storage is a fully managed, highly scalable SFTP service that enables simple, secure, and easy-to-manage file transfers. This empowers you to modernize your data transfer workflows and eliminate data silos.

The addition of SFTP to Azure Blob Storage, our object storage platform, expands on our vision of multi-protocol access and enables you to run your SFTP workloads with minimal management effort and low infrastructure costs. SFTP support, combined with protocol support for NFS 3.0, Blob REST, and Azure Data Lake Storage, helps customers migrate their applications without any changes. Building on top of the Blob Storage foundation also allows SFTP-enabled accounts to inherit the security, durability, scalability, and cost efficiency of Azure Blob Storage.

This new feature is a one-click enablement solution to transfer files to and from object storage using SFTP without having to monitor or maintain the underlying infrastructure. Customers no longer need to spend resources and time to deploy, manage, scale, and maintain virtual machine (VM)–based SFTP servers.

During our public preview, thousands of customers from various industries such as consulting, retail, healthcare, telecom, financial services, and governments have embraced this feature and are eager to deploy their workloads in production. These customers have been using SFTP for a variety of data transfer scenarios such as exchanging data with customers and partners, modernizing legacy data workflows, syncing data across on-premises and cloud, and collecting data from nodes in a network to unlock insights via a unified data lake.

Manage hybrid workloads using SFTP support for Azure Blob Storage

AT&T, the world’s largest telecommunications company, has a goal to move the majority of its applications to the cloud using private networks. As an organization, it wants to modernize legacy apps and adopt a hybrid architecture where some critical applications are running on-premises and some on Azure.

"As a part of its hybrid architecture, AT&T transfers data between on-premises to Azure and one of the primary methods used is SFTP. Now, instead of creating, maintaining, and patching VMs to keep an SFTP service running, AT&T leverages Blob SFTP to eliminate these repetitive tasks. By providing one-click enablement to create an SFTP endpoint for our Blob Storage accounts, Azure abstracts the infrastructure complexity and provides a highly available SFTP service. The cherry on top of the cake is Local Users, a lightweight identity that complements SFTP, which is very easy to set up, manage, and allows granular permission setting at container level."—Chirag Choksi, Principal Software Engineer, AT&T.

Unlock insights via a unified data lake

Kraft Heinz is an American multinational food company with many beloved brands across the globe. The company has a deep partnership with Microsoft and Azure is its preferred cloud platform for various IT modernization, digital transformation, data science, and analytics workloads that drive its business forward. Kraft Heinz’s data analytics processes involve collaborating with multiple partners and vendors who share data that needs to be ingested into their Enterprise Data Warehouse.

“Managing data sharing pipelines with a wide range of data providers, partners, and retailers is extremely complicated and becomes messy if many different tools are used. SFTP is the common denominator that helps us exchange data in a scalable and secure manner with all collaborators, but we have been incurring tech debt by managing our own SFTP VM servers that require constant maintenance. With SFTP support for Azure Blob Storage, we can easily enable an SFTP endpoint for our data lake for both inbound and outbound file transfers without compromising security or creating additional tech debt. This frees up valuable resources which were previously used to maintain our own SFTP servers. Most importantly, it allows us to create a unified data lake that can be used to generate business insights.”—Ashish Agrawal, Director of Cloud Engineering, Kraft Heinz Company.

Migrate business-critical applications to the cloud

SNCF Réseau is the leading French railway network management company that orchestrates traffic on more than 28,000 kilometers of railway lines. It is responsible for 5 million passengers and 250K tons of freight every day and strives to provide cost-effective and environmentally friendly mobility solutions. To modernize its billing application, SNCF utilizes SFTP support for Azure Blob Storage.

“SFTP servers enable SNCF to communicate data between Azure cloud and their on-premises data centers. In SFTP support for Azure Blob Storage, SNCF found the perfect fully managed, highly available, massively scalable SFTP PaaS that vastly simplified our data transfer workflows. Blob Storage’s native SFTP solution decreases maintenance overhead, freeing up resources that enable SNCF to focus on their goal to innovate and enrich the lives of millions of travelers.”—Taij Triki, Solution Architect, SNCF.

Get Started

Accelerate your migration to the cloud for SFTP workloads with SFTP support for Azure Blob Storage today! Get started by checking out the introductory video and reviewing how to connect to Azure Blob Storage using SFTP.

Learn more

Optimize performance with the guidance in performance Considerations for SFTP in Azure Blob Storage.

Assess limitations of known issues with SFTP support for Azure Blob Storage.

Verify host keys by referring to host keys for SFTP support for Azure Blob Storage.

 

 

SFTP support for Azure Blob Storage is not currently available with GA support in West Europe. This will be resolved in the coming weeks.
Quelle: Azure

Visualize and monitor Azure & hybrid networks with Azure Network Watcher

There is a critical need for increased visibility and control over the operational state of complex networks running sophisticated workloads. Multi-cloud and hybrid network environments power new demands of remote work, 5G/Edge connectivity, microservices based workloads, and increased cloud adoption. The advent of the cloud has added agility, cost benefits, and brought along the need for management of the infrastructure. Management and monitoring of the network underlying these complex applications plays a key role in ensuring end-user satisfaction.

Azure Network Watcher provides an entire suite of tools to visualize, monitor, diagnose, and troubleshoot network issues across Azure and Hybrid cloud environments. Network Watcher enables customers to detect anomalies across Azure and hybrid networks with comprehensive wide coverage, through a guided and intuitive drilled-down experience. Network Watcher helps customers monitor, manage, and understand their own networks for performance, connectivity, security, and compliance issues and furthermore, empowers customers to troubleshoot efficiently with actionable insights and proactive alerting, thus effectively reducing the mean time to resolve network issues.

The following new feature enhancements across Network Watcher suite aim to provide timely and complete visibility and actionable insights to customers of their hybrid networks in a manner that is easily accessible, readily usable, and reliable.

Visualize resource and network health with Topology

Topology enables users to quickly acquire system context, comprehend state, and troubleshoot issues efficiently by visualizing the resources in a network. It offers a visually connected experience for monitoring and managing inventory.

This new topology experience in Azure, which replaces the Network Watcher topology, will enable customers to create a consistent and dynamic topology across multiple subscriptions, regions, and resource groups (RGs)—comprising of numerous resources.

Allowing deep dives into the customer’s environment, Topology lets users drill down from regions, VNETs to subnets, and resource view diagram of resources supported in Azure.

Stitching the end-to-end monitoring and diagnostics story for all Network Monitoring needs, topology offers the capability to run Next Hop directly from a VM selected in the topology.

Significant features available with this preview: 

Multi-region and multi-subscription–dynamic drill-down visualization.
Health status of resources using resource health (RHC) status.
Diagnostics tool Next Hop integration.
Resource view diagram for all supported resources.

Monitor connectivity using Azure Monitor Agent with Connection Monitor

 

Integration of Azure Monitor Agent’s support consolidates multi-monitoring agents into a single connectivity monitoring agent in Azure Network Watcher’s Connection Monitor.

Connection Monitor, a multi-agent solution, monitors connectivity at regular intervals across Azure and Hybrid endpoints and provides aggregated data for packet loss, latency, and status codes over TCP, ICMP, and HTTP(s) pings.

Connection Monitor helps you troubleshoot network issues with faster alerts for lack of connectivity or reachability to the endpoints. The unified topology rendered provides a complete end-to-end visualization of the network path from source to destination, with actionable insights.

This agent integration enhancement addresses connectivity monitoring logs and metrics data collection needs across Azure and ARC-enabled on-premises machines, thus eliminating the overhead of management and enablement of multiple monitoring agents. Additionally, Azure Monitor Agent provides enhanced security and performance capabilities, effective cost savings, and ease of troubleshooting with simpler management of data collection. With this support, dependency on the soon-to-be-retired Log Analytics agent is eliminated, while increasing the coverage for on-premises machines with support for ARC-enabled endpoints.

Significant features available with preview:

Connectivity monitoring support for ARC-enabled on-premises endpoints.
Simpler management of monitoring extension.
One agent for monitoring Azure and non-Azure endpoints.
Enhanced security through Managed Identity and Azure Active Directory (Azure AD) tokens.             

Learn More

Please navigate to the Network Insights portal to try out Azure Topology.
Refer here to learn more about Network Insights.
Please navigate to the Connection Monitor portal to try out Connection Monitor with Azure Monitor Agent. 
Refer here to learn more about Connection Monitor.

Quelle: Azure