Announcing Microsoft Dev Box Preview

Many IT organizations must choose between giving developers the flexibility they need to be productive and keeping developer workstations managed and secure. Supply chain challenges have led to developers waiting weeks or months to get the hardware they need, forcing them to use aging hardware or unsecured personal devices. At the same time, hybrid work has forced IT to open access to corporate and on-premises resources to developers around the world. With access to sensitive source code and customer data, developers are increasingly becoming the target of more sophisticated cyberattacks.

Today, we’re excited to announce the preview of Microsoft Dev Box is now available to the public. Microsoft Dev Box is a managed service that enables developers to create on-demand, high-performance, secure, ready-to-code, project-specific workstations in the cloud. Sign in to the Azure portal and search for “dev box” to begin creating dev boxes for your organization.

Focus on code—not infrastructure

With Microsoft Dev Box, developers can focus on writing the code only they can write instead of trying to get a working environment that can build and run the code. Dev boxes are ready-to-code and preconfigured by the team with all the tools and settings developers need for their projects and tasks. Developers can create their own dev boxes whenever they need to quickly switch between projects, experiment on a proof-of-concept, or kick off a full build in the background while they move on to the next task.

Microsoft Dev Box supports any developer IDE, SDK, or tool that runs on Windows. Developers can target any development workload that can be built from Windows including desktop, mobile, IoT, and web applications. Microsoft Dev Box even supports building cross-platform apps thanks to Windows Subsystem for Linux and Windows Subsystem for Android. Remote access gives developers the flexibility to securely access dev boxes from any device, whether it’s Windows, MacOS, Android, iOS, or a web browser.

Tailor dev boxes to the needs of the team

With Microsoft Dev Box, developer teams create and maintain dev box images with all the tools and dependencies their developers need to build and run their applications. Developer leads can instantly deploy the right size dev box for specific roles in a team anywhere in the world, selecting from 4 vCPU / 16GB to 32 vCPU / 128GB SKUs to scale to any size application. By deploying dev boxes in the closest Azure region and connecting via the Azure Global Network, dev teams ensure a smooth and responsive experience with gigabit connection speeds for developers around the world.

Using Azure Active Directory groups, IT admins can grant access to sensitive source code and customer data for each project. With role-based permissions and custom network configurations, developer leads can give vendors limited access to the resources they need to contribute to the project—eliminating the need to ship hardware to short-term contractors and helping keep development more secure.

Centralize governance and management

Developer flexibility and productivity can’t come at the expense of security or compliance. Microsoft Dev Box builds on Windows 365, making it easy for IT administrators to manage dev boxes together with physical devices and Cloud PCs through Microsoft Intune and Microsoft Endpoint Manager. IT admins can set conditional access policies to ensure users only access dev boxes from compliant devices while keeping dev boxes up to date using expedited quality updates to deploy zero-day patches across the organization and quickly isolate compromised devices. Endpoint Manager’s deep device analytics make it easy to audit application health, device utilization, and other critical metrics, giving developers the confidence to focus on their code knowing they’re not exposing the organization to any unnecessary risk.

Microsoft Dev Box uses a consumption-based compute and storage pricing model, meaning organizations only pay for what they use. Automated schedules can warm up dev boxes at the start of the day and stop them at the end of the day while they sit idle. With hibernation, available in a few weeks, developers can resume a stopped dev box and pick up right where they left off.

Get started now

Microsoft Dev Box is available today as a preview from the Azure Portal. During this period, organizations get the first 15 hours of the dev box 8vCPU and 32 GB Memory SKU for free every month, along with the first 365 hours of the dev box Storage SSD 512 GB SKU. Beyond that, organizations pay only for what they use with a consumption-based pricing model. With this model, organizations are charged on a per-hour basis depending on the number of Compute and Storage that are consumed.

To learn more about Microsoft Dev Box and get started with the service, visit the Microsoft Dev Box page or find out how to deploy your own Dev Box from a pool.
Quelle: Azure

Security for next generation telecommunication networks

Almost two years ago, the National Defense Science Board invited me to participate in the Summer Study 2020 Panel, “Protecting the Global Information Infrastructure.” They requested that I brief them on the evolution of the global communications infrastructure connecting all nations. The U.S., like other nations, both cooperates and competes in the commercial telecom market, while prioritizing national security.

This study group was interested in the implementation of 5G and its evolution to 6G. They understood that softwarization of the core communication technologies and the inclusion of edge and cloud computing as core infrastructure components of telecommunications services is inevitable. Because of my expertise in these areas, they invited me to share my thoughts on how we might secure and protect the emerging networks and systems of the future. I prepared for the meeting by looking at how Microsoft, as a major cloud vendor, had worked to secure our global networks.

My conclusion was simple. It is clear that attacks on the national communications infrastructure will occur with much greater sophistication than ever before. Because of this, we continue to develop our networks and systems with security as our first principle and we stay constantly vigilant. To these ends, Microsoft has adopted a zero-trust security architecture in all our platforms, services, and network functions.

Specialized hardware replaced by disaggregated software

One challenge for the panel was to understand precisely what the emerging connectivity infrastructure will be, and what security attributes must be assured with respect to that infrastructure.

Classical networks (the ones before the recent 5G networks), were deployed as hub-and-spoke architecture. Packets came to a specialized hardware-software package developed by a single vendor. From there, they were sent to the Internet. But 5G (and beyond) networks are different. In many ways, the specialized hardware has been “busted open.”

Functionality is now disaggregated into multi-vendor software components that run on different interconnected servers. As a result, the attack surface area has increased dramatically. Network architects have to protect each of these components along their interconnects—both independently and together. Furthermore, packets are now processed by multiple servers, any of which could be compromised. 5G brings the promise of a significant number of connected Internet-of-Things (IoT) devices that, once compromised, could also be turned into an army of attackers.

The power of cloud lies in its scale

In a word, Microsoft Azure is big: 62 regions in 140 countries worldwide host millions of networked servers, with regions connected by over 180,000 miles of fiber. Some of our brightest and most experienced engineers have used their knowledge to make this infrastructure safe and secure for customers, which includes companies and people working in healthcare, government services, finance, energy, manufacturing, retail, and more.

As of today, Microsoft tracks more than 250 unique nation-states, cybercriminals, and other threat actors. Our cloud processes and analyzes more than 43 trillion security signals every single day. Nearly 600,000 organizations worldwide use our security offering. With all this, Microsoft’s infrastructure is secure, and we have earned the trust of our customers. Many of the world’s largest companies with vital and complex security needs have offloaded much of their network and compute workloads to Azure. Microsoft Azure has become part of their critical infrastructure.

Securing Open RAN architecture

The cloud’s massive and unprecedented scale is unique, and precisely what makes the large investments in sophisticated defense and security economically possible. Microsoft Azure’s ground-up design includes strict security measures to withstand any type of attack imaginable. Conversely, the scale required to defend against sophisticated threats is not logical or feasible for smaller-scale, on-premises systems.

The report, “Why 5G requires new approaches to cybersecurity”1 articulates several good reasons why we need to think about how to protect our infrastructure. Many of us in research and engineering have also been thinking about these issues, as evidenced by Microsoft’s recently published white paper, Bringing Cloud Security to the Open RAN, which describes how we can defend and mitigate against malicious attacks against O-RANs, beginning with security as the first principle.

With respect to O-RAN and Azure for Operators Distributed Services (AODS), we explain how they inherit and benefit from the cloud’s robust security principles applied in the development of the far-edge and the near-edge. The inherently modular nature of Open RAN, alongside recent advancements in Software Defined Networking (SDN) and network functions virtualization (NFV), enables Microsoft to deploy security capabilities and features at scale across the O-RAN ecosystem.

We encapsulate code into secure containers and enable more granular control of sensitive data and workloads than prior generations of networking technologies. Additionally, our computing framework makes it easy to add sophisticated security features in real-time, including AI/ML and advanced cloud security capabilities to promptly detect and actively mitigate malicious activities.

Microsoft is actively working on delivering the most resilient platform in the industry, backed by our proven security capabilities, trustworthy guarantees, and a well-established secure development lifecycle. This platform is being integrated with Microsoft security defense services to prevent, detect, and respond to attacks. It includes AI/ML technologies to allow creation of logic to automate and create actionable intelligence to improve security, fault analyses, and operational efficiency.

We are also leveraging Azure services such as Active Directory, Azure Container Registry, Azure Arc, and Azure Network Function Manager to provide a foundation for secure and verifiable deployment of RAN components. Additional technologies include secure RAN deployment and management processes on top of these, which will eliminate significant upfront cost otherwise incurred by RAN vendors when building these technologies themselves.

It is noteworthy that across the entire project lifecycle—from planning to sunsetting—we integrate security practices. All software deliverables are developed in a “secure by default” manner, going through a pipeline that leverages Microsoft Azure’s security analysis tools that perform static analysis, credential scanning, regression, and functionality testing.

We are taking steps to integrate our RAN analytics engine with Microsoft Sentinel. This enables telecom operators to manage vulnerability and security issues, and to deploy secure capabilities for their data and assets. We expect Microsoft Sentinel, Azure Monitor, and other Azure services will incorporate our RAN analytics to support telecommunications customers. With this, we will deliver intelligent security analytics and threat intelligence for alert detection, threat visibility, proactive hunting, and threat response. We also expect that Azure AI Gallery will host sophisticated 3rd party ML models for RAN optimization and threat detection, running on the data streams we collect.

Mitigating the impact of compromised systems

We have built many great tools to keep the “bad guys” out, but building secure telecommunication platforms requires dealing with the unfortunate reality that sometimes systems can still be compromised. As a result, we are aggressively conducting research and building technologies, including fast detection and recovery from compromised systems.

Take the case of ransomware. Traditional ransomware attacks encrypt a victim’s data and ask for a ransom in exchange for decrypting it. However, modern ransomware attacks do not limit themselves to encrypting data. Instead, they remove the enterprise’s ability to control its platforms and critical infrastructure. The RAN constitutes critical infrastructure and can suffer from ransomware attacks.

Specifically, we have developed technology that prepares us for the unfortunate time when systems may be compromised. Our latest technology makes it easier to recover as quickly as possible, and with minimal manual effort. This is especially important in telco far-edge scenarios, where the large number of sites makes it prohibitively expensive to send technicians into the field for recovery. Our solution, which leverages a concept called trusted beacons, automatically recovers a far-edge node from a compromise or failure. When trusted beacons are absent, the platform automatically reboots and re-installs an original, unmodified, and uncompromised software image.

Looking into the future

We have developed mechanisms for monitoring and analyzing data as we look for threats. Our best-in-class verification technology checks every configuration before lighting it up. Our researchers are constantly adding new AI techniques that use the compute power of the cloud to protect our infrastructure better than ever before. Our end-to-end zero-trust solutions spanning identity, security, compliance, and device management, across cloud, edge, and all connected platforms will protect the telecommunications infrastructure. We continue to invest billions to improve cybersecurity outcomes.

Microsoft will continue to update you on developments that impact the security of our network, including many of the technologies noted within this article. Microsoft knows that while we need to continue to be vigilant, the telecommunications industry ultimately benefits by making Microsoft Azure part of their critical infrastructure.

1 Tom Wheeler and David Simpson, “Why 5G requires new approaches to cybersecurity.” The Brookings Institution.
Quelle: Azure

3 ways Azure Speech transforms game development with AI

With Azure Cognitive Services for Speech, customers can build voice-enabled apps confidently and quickly with the Speech SDK. We make it easy for customers to transcribe speech to text (STT) with high accuracy, produce natural-sounding text-to-speech (TTS) voices, and translate spoken audio. In the past few years, we have been inspired by the innovations coming out of the gaming industry, specific to AI.

Why AI for gaming? AI in gaming allows for flexible and reactive video game experiences. As technology continues to change and evolve, AI innovation has led to pioneering and tremendous advances in the gaming industry. Here are three popular use cases:

Use Cases for AI Gaming

Game dialogue prototyping with text to speech: Shorten the amount of time and money spent on the product to get the game to market sooner. Designers and producers can rapidly swap lines of dialogue using different emotional voices and listen to variations in real-time to ensure accuracy.

Greater accessibility with transcription, translation, and text to speech: Make gaming more accessible and add functionality through a single interface. Gameplay instructions that make games more accessible to individuals unable to read the text or language. Storylines for visually impaired gamers or younger users that have yet to be taught to read.

Scalable non-playable character voices and interaction with text to speech: Easily produce voice characters that stay on-brand with consistent quality and speaking styles. Game developers can add emotions, accents, nuances, laughter, and other paralinguistic sounds and expressions to game avatars and NPCs (non-playable characters) that can initiate or participate in a conversation in-game.

Featured Customers for AI Gaming

Flight Simulator: Our first-party game developers are using AI for speech to improve end-user experiences. Flight Simulator is the longest-running franchise in Microsoft history, and the latest critically acclaimed release not only builds on that legacy, but it also pushes the boundaries as the most technologically advanced simulator ever made. By adding authentic air traffic controller voices, Flight Simulator added a small-but-powerful way to elevate the Flight Simulator experience.​ Recording audio to replicate air traffic controllers from every airport on Earth was a huge task—TTS is a great solution that can handle the dynamic content as well as serve the air traffic controller voices as a low-latency, highly available, secure, and scalable solution. Let’s check out a video for the newly released Flight Simulator experience with custom neural voice implemented for real-time air traffic controller voice.

Undead Labs: Undead Labs studio is on a mission to take gaming in bold new directions. They are the makers of the State of Decay franchise and use Azure Neural TTS during game development.

Double Fine: Double Fine is the producer of many popular games, including Psychonauts. They are utilizing our neural TTS to prototype future game projects.

You can check out our use case presentation at Microsoft’s Game Developers Conference 2022 for more details.

Speech Services and Responsible AI

We are excited about the future of Azure Speech with human-like, diverse, and delightful quality under the high-level architecture of XYZ-code AI framework. Our technology advancements are also guided by Microsoft’s Responsible AI process, and our principles of fairness, inclusiveness, reliability and safety, transparency, privacy and security, and accountability. We put these ethical standards into practice through the Office of Responsible AI (ORA)—which sets our rules and governance processes, the AI Ethics and Effects in Engineering and Research (Aether) Committee—which advises our leadership on the challenges and opportunities presented by AI innovations, and Responsible AI Strategy in Engineering (RAISE)—a team that enables the implementation of Microsoft Responsible AI rules across engineering groups.

Get started

Start building new customer experiences with Azure Neural TTS and STT. In addition, the Custom Neural Voice capability enables organizations to create a unique brand voice in multiple languages and styles.

Resources

Get started with text to speech
Get started with speech to text
Get started with Custom Neural Voice
Get started with speech translation

Quelle: Azure

Microsoft is a Leader in 2022 Gartner Magic Quadrant for Cloud AI Developer Services

Gartner has recognized Microsoft as a Leader in the 2022 Gartner® Magic Quadrant™ for Cloud AI Developer Services, with Microsoft placed furthest in “Completeness of Vision”.

Gartner defines the market as “cloud-hosted or containerized services that enable development teams and business users who are not data science experts to use AI models via APIs, software development kits (SDKs), or applications.”

We are proud to be recognized for our Azure AI Platform. In this post, we’ll dig into the Gartner evaluation, what it means for developers, and provide access to the full reprint of the Gartner Magic Quadrant to learn more.

Scale intelligent apps with production-ready AI

“Although ModelOps practices are maturing, most software engineering teams still need AI capabilities that do not demand advanced machine learning skills. For this reason, cloud AI developer services (CAIDS) are essential tools for software engineering teams.”—Gartner

A staggering 87 percent of AI projects never make it into production.¹ Beyond the complexity of data preprocessing and building AI models, organizations wrestle with scalability, security, governance, and more to make their model’s production ready. That’s why over 85 percent of Fortune 100 companies use Azure AI today, spanning industries and use cases.

More and more, we see developers accelerate time to value by using pre-built and customizable AI models as building blocks for intelligent solutions. Microsoft Research has made significant breakthroughs in AI over the years, being the first to achieve human parity across speech, vision, and language capabilities. Today, we’re pushing the boundaries of language model capabilities with large models like Turing, GPT-3, and Codex (the model powering GitHub Copilot) to help developers be more productive. Azure AI packages these innovations into production-ready general models known as Azure Cognitive Services and use case-specific models, Azure Applied AI Services for developers to integrate via API or an SDK, then continue to fine tune for greater accuracy.

For developers and data scientists looking to build production-ready machine learning models at scale, we support automated machine learning also known as autoML. AutoML in Azure Machine Learning is based on breakthrough Microsoft research focused on automating the time-consuming, iterative tasks of machine learning model development. This frees up data scientists, analysts, and developers to focus on value-add tasks outside operations and accelerate their time to production.

Enable productivity for AI teams across the organization

“As more developers use CAIDS to build machine learning models, the collaboration between developers and data scientists will become increasingly important.”—Gartner

As AI becomes more mainstream across organizations, it’s essential that employees have the tools they need to collaborate, build, manage, and deploy AI solutions effectively and responsibly. As Microsoft Chairman and CEO Satya Nadella shared at Microsoft Build, Microsoft is "building models as platforms in Azure" so that developers with different skills can take advantage of breakthrough AI research and embed them into their own applications. This ranges from professional developers building intelligent apps with APIs and SDKs to citizen developers using pre-built models via Microsoft Power Platform.

Azure AI empowers developers to build apps in their preferred language and deploy in the cloud, on-premises, or at the edge using containers. Recently we also announced the capability to use any Kubernetes cluster and extend machine learning to run close to where your data lives. These resources can be run through a single pane with the management, consistency, and reliability provided by Azure Arc.

Operationalize Responsible AI practices

“Vendors and customers alike are seeking more than just performance and accuracy from machine learning model. When selecting AutoML services, they should prioritize vendors that excel at providing explainable, transparent models with built-in bias detection and compensatory mechanisms.”—Gartner

At Microsoft, we apply our Responsible AI Standard to our product strategy and development lifecycle, and we’ve made it a priority to help customers do the same. We also provide tools and resources to help customers understand, protect, and control their AI solutions, including a Responsible AI Dashboard, bot development guidelines, and built-in tools to help them explain model behavior, test for fairness, and more. Providing a consistent toolset to your data science team not only supports responsible AI implementation but also helps provide greater transparency and enables more consistent, efficient model deployments.

Microsoft is proud to be recognized as a Leader in Cloud AI Developer Services, and we are excited by innovations happening at Microsoft and across the industry that empower developers to tackle real-world challenges with AI. You can read and learn from the complete Gartner Magic Quadrant now.

Learn more

Explore other analyst reports for Azure AI.
Read the latest announcements from Azure AI on the Azure blog.

References

¹Why do 87 percent of data science projects never make it into production? Venture Beat.

Gartner Inc.: “Magic Quadrant for Cloud AI Developer Services,” Van Baker, Svetlana Sicular, Erick Brethenoux, Arun Batchu, Mike Fang, May 23, 2022.

Gartner and Magic Quadrant are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Microsoft. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Quelle: Azure

Bluware and Microsoft Azure develop OSDU-enabled interactive AI seismic interpretation solution for energy super major

This blog post has been co-authored by Kapil Raval, Principal Program Manager, Microsoft.​

Bluware, which develops cloud-native solutions to help oil and gas operators to increase exploration and production workflow productivity through deep learning by enabling geoscientists to deliver faster and smarter decisions about the subsurface and today announced its collaboration with Microsoft for its next-generation automated interpretation solution, InteractivAI™, which is built on the Azure implementation of the OSDU™ Data Platform.

The two companies are working together to provide comprehensive solutions combining Microsoft Cloud implementation of OSDU™ Data Platform with Bluware’s subsurface knowledge. As the world’s energy companies retool for the future, they are juggling priorities between new forms of energy, carbon emissions, and maintaining the growing demand for fossil fuels. Innovative solutions such as cloud computing and machine learning are playing an important role in this transition.

To address an energy super major’s seismic interpretation challenges, Bluware is providing an interactive deep learning solution that runs natively on Azure, called InteractivAI™.

InteractivAI™ is utilized by the organization’s exploration and reservoir development teams to accelerate seismic interpretations and improve results by assisting geoscientists in identifying geological and geophysical features that may have been previously missed, incorrectly interpreted, or simply too time-consuming to interpret.

Using a data-centric approach, the application is unique in its ability, allowing users to train and infer simultaneously. Imagine running deep learning in real-time where the interpreter is providing feedback that the operator can actually see as the network suggests on-the-fly interpretations. This even includes results on data that is either not readily visible to the human eye or very difficult to see. This interactive workflow delivers more precise and comprehensive results in hours compared to months resulting in higher quality exploration and reservoir development.

The interactive deep learning approach

Bluware is pioneering the concept of ‘interactive deep learning’, wherein the scientist remains in the figurative ‘driver’s seat’ and steers the network as it learns and adapts based on the interpreter’s teachings. The adjustment and optimization of training the data set provides immediate feedback to the network, which in turn adjusts weights and biases accordingly in real-time.

Bluware differs from other deep learning approaches which use a neural network that has been pre-trained on multiple data sets. Users must rely on a network that was trained on data they have not seen, created with a set of unknown biases, and therefore something they have no control over.

The basic parameterization exposed to scientists in these traditional approaches gives the illusion of network control without really ceding any significant control to the user. Processing times can be days or weeks, and scientists can only supply feedback to the network once the training is complete, at which point training will need to run again from scratch.

The interactive deep learning approach is a data-specific approach that focuses on creating the best learning and training model for the geology the user is working with. Unlike traditional deep learning approaches, the idea is to start with a blank, untrained network and train it while labeling to identify any feature of interest. This approach is not limited to salt or faults, but can also be used to capture shallow hazards, injectites, channels, bright spots, and more. This flexibility allows the expert to explore the myriad of possibilities and alternative interpretations within the area of interest.

The energy company initially conducted a two-month evaluation with multiple experts across their global asset teams. The results were remarkable, and the organization is continually adding users. Additionally, Bluware has provided a blueprint for the company’s IT team for an Azure Kubernetes Service (AKS) implementation which will accelerate and expand this Azure-based solution.

A seismic data format designed for the cloud

As companies continue to wrestle with enormous, complex data streams such as petabytes of seismic data, the pressure to invest in digital technology intensifies. Bluware has adapted to this imperative, delivering a cloud-based format for storing seismic data called Volume Data Store™ (VDS). Microsoft and Bluware have worked together to natively enable VDS as part of the Microsoft Cloud implementation of OSDU™ Data Platform, where developers and customers can connect to the seismic data stored and provide interactive AI-driven seismic interpretation workflows by using the InteractivAI™ SaaS from the Azure Appsource.

Bluware and Microsoft are collaborating in parallel to support major energy customers through their seismic shift initiatives including moving petabytes of data to Azure Blob storage in a cloud-native VDS environment.

Revolutionizing the way energy companies store and use seismic data

Bluware designed InteractivAI™ not only with seismic workflows in mind but also with an eye on the trends shaping the future of the energy sector. Creating a cloud-native data format makes it scalable for energy companies to do more with their data while lowering costs and speeding up workflows, allowing them to arrive at more accurate decisions faster leveraging the power of Azure.

About Bluware

In 2018, a group of energy-focused software companies, namely Bluware, Headwave, Hue, and Kalkulo AS merged to become Bluware Corp. to empower change, growth, and a sustainable future for the energy sector.

As companies pivot from fossil fuels to cleaner energy sources, the combination of new industry standards, cloud computing, and AI will be critical for companies to adapt quickly, work smarter, and continue to be profitable. Companies that adapt faster, will have a significant advantage over their competition. For more information, visit Bluware’s website.
Quelle: Azure

Azure Lab Services August 2022 update—Improved classroom and training experience

The new updated Azure Lab Services allows you to set up and configure Cloud labs for your classroom and training scenarios. You don’t have to worry about setting up, expanding, or managing on-premises labs anymore. We provide a managed service and take the hassle out of managing and maintaining these labs. The updated service comes with improved performance and enhanced backend reliability. With the introduction of virtual network (VNet) injection and more control of the virtual network, you can now unlock key training and classroom scenarios such as lab-to-lab communication and utilize the service to teach a wide range of courses requiring complex configurations. With this new update you also now have an option to integrate the service with the Canvas learning management system.

The introduction of additional roles, Azure policies, and enhanced cost tracking and management capability provides the features you need to fully understand, manage and maintain your service. The availability of a .NET SDK, Python SDK, Azure PowerShell module, and Azure Resource Manager (ARM) templates makes it easy for IT and administrators to automate and manage all aspects of the service. Learn more about the Azure Lab Services update and how to use it.

With major reliability and performance enhancements to the original service, this major update is bringing a whole slew of additional features for IT organizations, administrators, educators, and students.

The update is bringing features and functionality for all personas of the service including administrators, educators, and students.

New features help IT departments and administrators automate and manage

For the IT staff and the service administrators, now there is a concept of creating a lab plan instead of a lab account in the Azure portal to start the process of creating labs. A lab plan is used to create, configure settings, and manage the labs. For ease of administration of the lab, new roles have been created to provide granular control to different people in the organization who will manage and maintain the labs. We are also introducing default and custom Azure policies with this update to help administrators with more control over the management of the labs.

Similar to the older service, you will have to request additional virtual processors (vCPUs), depending on your Azure subscription, and how many labs and virtual machines you want to create in the labs. With this updated release, there is an improved vCPU capacity management for your subscription, and you don't share the vCPU capacity with other customers when using the service.

With the new release, it is also easier to track costs for your labs or the virtual machines utilizing Azure Cost Management. On the networking front, we are introducing Virtual Network Injection compared to virtual network peering, which was offered in the older service. Virtual Network Injection provides you with control of Azure NSG (Network Security Group) and load balancer for your virtual network. Virtual Network Injection supports some of the common scenarios such as lab-to-lab communication, access to Azure or on-premises license server, and utilizing Azure File services.

In order to make it easy for administrators to manage and maintain the service, we are offering a range of tools including a .NET SDK, Python SDK, Azure PowerShell module, and ARM templates. These tools will not only help you with automating and managing your service but can also be utilized to build value-add services on top of our service for your customers.

In alignment with all the global compliance and regulatory laws around data residency, the customers now have a choice to deploy the labs and related virtual machines in their region of choice, so their data stays local to where they want.

More options and flexibility for educators

Educators and instructors are also getting features and new functionality to improve their experience in the service. The updated service can also be integrated with Canvas, a popular learning management system. This makes it easy for educators to stay in Canvas to create, manage, and maintain their labs, and students can also access the labs and virtual machines from within Canvas. Educators now have the option to create labs with virtual machines and assign students to them with non-admin access.

The auto-shutdown feature of the virtual machines has now been improved to work across both Windows and Linux virtual machines. In addition, there are improvements around virtual machine idle detection based on resource usage and user presence. The update also provides additional flexibility to the educator to skip the virtual machine template creation process if they already have an image to use and don’t want to customize it. Using an already existing image or the default image from the Azure marketplace allows for fast creation of the lab compared to when the educator wants to create a lab with an image but will further customize it after the lab is created.

Faster, easier access for students

The updated service has also introduced improvements to the student experience.  Students can now troubleshoot any virtual machine access issues by redeploying their virtual machine without losing data. If the lab is set up to use Azure Active Directory (AAD) group sync, there is no longer a need to send an invitation email to the students to register for the lab and get access to the virtual machine. Now, a virtual machine is automatically assigned to the student and they can access it immediately.

Learn more

Enable your educational, learning, and training scenarios today no matter what industry, by using the service. Get started today to use the enhanced experience and new features by utilizing the Azure Lab Services August 2022 update!
Quelle: Azure

5 steps to prepare developers for cloud modernization

If you’re thinking about what it takes to modernize your applications, you’re not alone. Companies everywhere now understand that migrating applications to the cloud and shifting to a cloud-first approach is critical to business competitiveness. The purpose of modernizing applications is to better align them to current and future business needs. By deploying enterprise applications to the cloud, you gain greater ability to innovate, improve security, scale to meet demand, manage costs, and deliver rich and consistent customer experiences anywhere in the world more quickly.

But as you move to the cloud, there are many options to choose from and skills to gain. One of the most important parts of this effort is understanding how to prepare developers for cloud modernization—and one of the trickiest parts is knowing where to start.

According to research on Developer Velocity, the number one driver of business performance is best-in-class developer tools.1 Companies that create the right environment—by providing strong tools and removing points of friction for developers to innovate—have 47 percent higher developer satisfaction and retention rates than those in the lowest quartile for Developer Velocity. With Microsoft Azure, you’ll find not only the tools and technologies that you need to move to the cloud, but also extensive developer support for cloud modernization.

In this article, we’ll walk you through technical documentation, educational resources, and step-by-step guidance to help you build the skills and strategy needed to successfully modernize your applications. We use Azure App Service as our example, but the same concepts apply to other tools you might use in your modernization efforts.

Here are five steps to take to start preparing for cloud modernization:

1.    Watch how application migration works.

Migrating existing, on-premises applications to the cloud is often the focus of initial application modernization efforts. Once the business case has been made to migrate an application to the cloud, you’ll need to assess the application for all the dependencies that can affect whether it can be successfully migrated without modifying the application. In the case of App Service, a migration assistant guides you through the assessment. Then, if the assessment indicates that the application can be migrated, the migration assistant performs the migration. To get an introduction to how the assessment and migration process works, watch the overview video on how to migrate web apps to App Service.

2.    Learn to migrate an on-premises application to the cloud.

The best way to understand what it takes to migrate an application is to try it for yourself. To learn how to migrate an on-premises web application to App Service, take the step-by-step online course—including a hands-on lab—that guides you through migration and post-migration. Using a sandbox environment and access to free resources, you’ll get an in-depth walkthrough of how to migrate your web application, from assessment through post-migration tasks. You’ll also get background on why the assessment phase is so important, what types of problems it’s intended to identify, and what to do if any problems are found. Next, the course takes you through the migration process and provides guidance on the settings you’ll need to choose from, and it prepares you for additional tasks that might be necessary to get the web app in working order.

3.    Build a web app in the language of your choice.

Learning how to build a cloud-native application is another important step in preparing yourself to shift to a cloud-first approach. To give it a try, sign up for an Azure free account, which gives you access to dozens of free services, including App Service. Along with access to a wide range of cloud resources, you get developer support for cloud modernization through quickstart guides that walk you through creating and deploying a web app in App Service using the language of your choice, including .NET, Node.js, Java, Python, and other languages. This is also a great time to explore other Azure cloud capabilities and use the $200 credit that you get with the Azure free account.

4.    Assess your own web apps for modernization readiness.

Once you understand the basics of migrating and deploying applications in the cloud, it’s time to get to work on the process of assessing and migrating your own web apps. Use the free App Service migration tool to run a scan on your web app’s public URL. The tool will provide you with a compatibility report on the technologies your app uses and whether App Service fully supports them. If compatible, the tool will guide you through downloading the migration assistant, which simplifies migration in an automated way with minimal or no code changes.

5.    Download the App Migration Toolkit.

With a solid background in how to prepare for modernization, you’re in a good position to start putting the full range of Azure developer support for cloud modernization to work. Download the App Migration Toolkit to find the resources you need to successfully modernize your ASP.NET applications from start to finish. From building your business case to best practices and help gaining skills, the toolkit provides practical guidance and support to help you turn your application modernization plans into reality.

While application modernization is a significant initiative that requires strategy, planning, skill-building, and investment of time and resources, the benefits to the business are worth the effort. Fortunately, Azure simplifies the process of figuring out how to prepare developers for cloud modernization. The App Migration Toolkit gives you the skills and knowledge needed to help your organization innovate and stay competitive.

1Developer Velocity: How software excellence fuels business performance.
Quelle: Azure

Track adversaries and improve posture with Microsoft threat intelligence solutions

Today, we’re thrilled to announce two new security products driven by our acquisition of RiskIQ just over one year ago that deliver on our vision to provide deeper context into threat actors and help customers lock down their infrastructure.

Track threat actor activity and patterns with Microsoft Defender Threat Intelligence

This new product helps security operations teams uncover attacker infrastructure and accelerate investigation and remediation with more context, insights, and analysis than ever before. While threat intelligence is already built into the real time detections of our platform and security products like Microsoft Sentinel, customers also need direct access to real-time data and Microsoft’s unmatched signal to proactively hunt for threats across their environments.

For example, adversaries often run their attacks from many machines, with unique IP addresses. Tracing the actor behind an attack and tracking down their entire toolkit is challenging and time-consuming. Using built-in AI and machine learning, Defender Threat Intelligence uncovers the attacker or threat family and the elements of their malicious infrastructure. Armed with this information, security teams can then find and remove adversary tools within their organization and block their future use in tools like Microsoft Sentinel, helping to prevent future attacks.

See your business the way an attacker can with Microsoft Defender External Attack Surface Management

The new Defender External Attack Surface Management gives security teams the ability to discover unknown and unmanaged resources that are visible and accessible from the internet—essentially the same view an attacker has when selecting their target. Defender External Attack Surface Management helps customers discover unmanaged resources that could be potential entry points for an attacker.

Microsoft Defender External Attack Surface Management scans the internet and its connections every day. This builds a complete catalogue of a customer’s environment, discovering internet-facing resources, even the agentless and unmanaged assets. Continuous monitoring, without the need for agents or credentials, prioritizes new vulnerabilities. With this complete view of the organization, customers can take recommended steps to mitigate risk by bringing these resources under secure management within tools like Microsoft Defender for Cloud.

Read the full threat intelligence announcement and to learn more about how Microsoft Defender Threat Intelligence and Microsoft Sentinel work together, read the Tech Communities blog.

Additionally, in the spirit of continuous innovation and bringing as much of the digital environment under secure management as possible, we are proud to announce the new Microsoft Sentinel solution for SAP. Security teams can now monitor, detect, and respond to SAP alerts all from our cloud-native SIEM, Microsoft SIEM.

To learn more about these products and to see live demos, visit us at Black Hat USA, Microsoft Booth 2340. You can also register now for the Stop Ransomware with Microsoft Security digital event on September 15, 2022, to watch in-depth demos of the latest threat intelligence technology.
Quelle: Azure

Microsoft Cost Management updates – July 2022

Whether you're a new student, a thriving startup, or the largest enterprise, you have financial constraints, and you need to know what you're spending, where, and how to plan for the future. Nobody wants a surprise when it comes to the bill, and this is where Microsoft Cost Management comes in.

We're always looking for ways to learn more about your challenges and how Microsoft Cost Management can help you better understand where you're accruing costs in the cloud, identify and prevent bad spending patterns, and optimize costs to empower you to do more with less. Here are a few of the latest improvements and updates based on your feedback:

Introducing the Cost Details API
Filter cost recommendations by tag
How to choose the right Azure services for your applications—It’s not A or B
What's new in Cost Management Labs
New ways to save money with Microsoft Cloud
New videos and learning opportunities
Documentation updates
Join the Microsoft Cost Management team

Let's dig into the details.

Introducing the Cost Details API

You already know you can dig into your cost and usage data from the Azure portal or Microsoft 365 admin center. You may even know that you can export cost data to storage on a recurring schedule. While many organizations use both, some have more ad-hoc requirements where they need an on-demand solution. Traditionally, these organizations would use the Consumption UsageDetails API or the older Enterprise Agreement (EA) consumption.azure.com APIs. This month, we introduced a new on-demand solution for downloading granular cost details with the new Cost Details API – now generally available for Enterprise Agreement and Microsoft Customer Agreement accounts.

The Cost Details API comes with improved security, stability, and scalability over the UsageDetails API and aligns with the schema already being used by Cost Management exports. If you’re still using the older EA key-based APIs, then you’ll also get additional benefits like a single dataset for all cost data, including Marketplace and reservation purchases, an option to amortize reservation purchases, as well as support for splitting shared costs with cost allocation.

With the general availability of Cost Details this month, the UsageDetails and consumption.azure.com APIs are in maintenance and will not receive updates. Please migrate to scheduled exports for large accounts with a lot of cost data or to streamline recurring data dumps. If you have requirements that necessitate a more on-demand solution, please migrate to the Cost Details API.

To learn more about the Cost Details API, see Get cost details for a pay-as-you-go subscription. For additional information about when to select Exports or Cost Details, see Choose a cost details solution.

Filter cost recommendations by tag

Nearly every conversation we have with organizations starts with cost optimization and ensuring their workloads are running efficiently. And when it comes to cost optimization, we always tell people to start in Azure Advisor, which gives a great picture of high-confidence recommendations to reduce cost. At the same time, this can be daunting for large teams with resources spread across many resource groups and subscriptions. To help facilitate this, you can now filter your recommendations by tag in Azure Advisor.

With the power of tag filters, you can now get recommendations scoped to a business unit, project, or application to filter recommendations and calculate scores using tags you have already assigned to Azure resources, resource groups, and subscriptions.

To learn more, visit how to filter Advisor recommendations using tags.

How to choose the right Azure services for your applications—It’s not A or B

If you’ve been working with Azure for any period, you might have grappled with the question—which Azure service is best to run my apps on? This is an important decision because the services you choose will dictate your resource planning, budget, timelines, and, ultimately, the time to market for your business. It impacts the cost of not only the initial delivery, but also the ongoing maintenance of your applications.

Read on as Asir Selvasingh and Ajai Peddapanga summarize your options on the Azure blog to get you started on the right foot. They’ll also share details about their new e-book on the subject.

What's new in Cost Management Labs

With Cost Management Labs, you get a sneak peek at what's coming in Microsoft Cost Management and can engage directly with us to share feedback and help us better understand how you use the service, so we can deliver more tuned and optimized experiences. Here are a few features you can see in Cost Management Labs:

New: What’s new in Cost Management– Now enabled by default in Labs
Learn about new announcements from the Cost Management overview. You can opt in using Try Preview.
New: Cost savings insights in the cost analysis preview
Identify potential savings available from Azure Advisor cost recommendations for your Azure subscription. You can opt in using Try preview.
New: Forecast in the cost analysis preview
Show your forecast cost for the period at the top of the cost analysis preview. You can opt in using Try preview.
Product column experiment in the cost analysis preview
We’re testing new columns in the Resources and Services views in the cost analysis preview for Microsoft Customer Agreement. You may see a single Product column instead of the Service, Tier, and Meter columns. Please leave feedback to let us know which you prefer.
Group related resources in the cost analysis preview
Group related resources, like disks under VMs or web apps under App Service plans, by adding a “cm-resource-parent” tag to the child resources with a value of the parent resource ID.
Charts in the cost analysis preview
View your daily or monthly cost over time in the cost analysis preview. You can opt in using Try Preview.
View cost for your resources
The cost for your resources is one click away from the resource overview in the preview portal. Just click View cost to quickly jump to the cost of that particular resource.
Change scope from the menu
Change scope from the menu for quicker navigation. You can opt-in using Try Preview.

Of course, that's not all. Every change in Microsoft Cost Management is available in Cost Management Labs a week before it's in the full Azure portal or Microsoft 365 admin center. We're eager to hear your thoughts and understand what you'd like to see next. What are you waiting for? Try Cost Management Labs today. 

New ways to save money in the Microsoft Cloud

Here are new and updated offers you might be interested in:

Generally available: NVads A10 v5 GPU-accelerated virtual machines.
Generally available: Improved Try Azure Cosmos DB for free experience.
Generally available: Azure SQL Database Hyperscale Named replicas.
Preview: Create an additional 5000 Azure Storage accounts within your subscription.

New videos and learning opportunities

One new video this month for those automating reporting and optimization:

Creating context for your Advisor recommendations (eight minutes).

Follow the Microsoft Cost Management YouTube channel to stay in the loop with new videos as they’re released and let us know what you'd like to see next.

Want a more guided experience? Start with Control Azure spending and manage bills with Microsoft Cost Management.

Documentation updates

Here are a few documentation updates you might be interested in:

Added Create an Azure budget with Bicep.
Added Enable preview features in Cost Management Labs.
Updated the effective date for Reserve Bank of India directive updates in Pay your Microsoft Customer Agreement or Microsoft Online Subscription Program Azure bill.
Added details about Warned subscriptions to Azure subscription states.
Noted cost analysis date range limit of 13 months in Understand Cost Management data.
15 updates based on your feedback.

Want to keep an eye on all documentation updates? Check out the Cost Management and Billing documentation change history in the azure-docs repository on GitHub. If you see something missing, select Edit at the top of the document and submit a quick pull request. You can also submit a GitHub issue. We welcome and appreciate all contributions!

Join the Microsoft Cost Management team

Are you excited about helping customers and partners better manage and optimize costs? We're looking for passionate, dedicated, and exceptional people to help build best in class cloud platforms and experiences to enable exactly that. If you have experience with big data infrastructure, reliable and scalable APIs, or rich and engaging user experiences, you'll find no better challenge than serving every Microsoft customer and partner in one of the most critical areas for driving cloud success.

Watch the video below to learn more about the Microsoft Cost Management team:

Join our team.

What's next?

These are just a few of the big updates from last month. Don't forget to check out the previous Microsoft Cost Management updates. We're always listening and making constant improvements based on your feedback, so please keep the feedback coming.

Follow @MSCostMgmt on Twitter and subscribe to the YouTube channel for updates, tips, and tricks. You can also share ideas and vote up others in the Cost Management feedback forum and help shape the future of Microsoft Cost Management.

We know these are trying times for everyone. Best wishes from the Microsoft Cost Management team. Stay safe and stay healthy.
Quelle: Azure

Azure empowers easy-to-use, high-performance, and hyperscale model training using DeepSpeed

This blog was written in collaboration with the DeepSpeed team, the Azure ML team, and the Azure HPC team at Microsoft.

Large-scale transformer-based deep learning models trained on large amounts of data have shown great results in recent years in several cognitive tasks and are behind new products and features that augment human capabilities. These models have grown several orders of magnitude in size during the last five years. Starting from a few million parameters of the original transformer model all the way to the latest 530 billion-parameter Megatron-Turing (MT-NLG 530B) model as shown in Figure 1. There is a growing need for customers to train and fine-tune large models at an unprecedented scale.

Figure 1: Landscape of large models and hardware capabilities.

Azure Machine Learning (AzureML) brings large fleets of the latest GPUs powered by the InfiniBand interconnect to tackle large-scale AI training. We already train some of the largest models including Megatron/Turing and GPT-3 on Azure. Previously, to train these models, users needed to set up and maintain a complex distributed training infrastructure that usually required several manual and error-prone steps. This led to a subpar experience both in terms of usability and performance.

Today, we are proud to announce a breakthrough in our software stack, using DeepSpeed and 1024 A100s to scale the training of a 2T parameter model with a streamlined user experience at 1K+ GPU scale. We are bringing these software innovations to you through AzureML (including a fully optimized PyTorch environment) that offers great performance and an easy-to-use interface for large-scale training.

Customers can now use DeepSpeed on Azure with simple-to-use training pipelines that utilize either the recommended AzureML recipes or via bash scripts for VMSS-based environments. As shown in Figure 2, Microsoft is taking a full stack optimization approach where all the necessary pieces including the hardware, the OS, the VM image, the Docker image (containing optimized PyTorch, DeepSpeed, ONNX Runtime, and other Python packages), and the user-facing Azure ML APIs have been optimized, integrated, and well-tested for excellent performance and scalability without unnecessary complexity.

Figure 2: Microsoft full-stack optimizations for scalable distributed training on Azure.

This optimized stack enabled us to efficiently scale training of large models using DeepSpeed on Azure. We are happy to share our performance results supporting 2x larger model sizes (2 trillion vs. 1 trillion parameters), scaling to 2x more GPUs (1024 vs. 512), and up to 1.8x higher compute throughput/GPU (150 TFLOPs vs. 81 TFLOPs) compared to those published on other cloud providers.

We offer near-linear scalability both in terms of an increase in model size as well as increase in number of GPUs. As shown in Figure 3a, together with the DeepSpeed ZeRO-3, its novel CPU offloading capabilities, and a high-performance Azure stack powered by InfiniBand interconnects and A100 GPUs, we were able to maintain an efficient throughput/GPU (>157 TFLOPs) in a near-linear fashion as the model size increased from 175 billion parameters to 2 trillion parameters. On the other hand, for a given model size, for example, 175B, we achieve near-linear scaling as we increase the number of GPUs from 128 all the way to 1024 as shown in Figure 3b. The key takeaway from the results presented in this blog is that Azure and DeepSpeed together are breaking the GPU memory wall and enabling our customers to easily and efficiently train trillion-parameter models at scale.

(a)                                                                                          (b)

Figure 3: (a) Near-perfect throughput/GPU as we increase the model size from 175 billion to 2 trillion parameters (BS/GPU=8), (b) Near-perfect performance scaling with the increase in number of GPU devices for the 175B model (BS/GPU=16). The sequence length is 1024 for both cases.

Learn more

To learn more about the optimizations, technologies, and detailed performance trends presented above, please refer to our extended technical blog.

Learn more about DeepSpeed, which is part of Microsoft’s AI at Scale initiative.
Learn more about Azure HPC + AI.
To get started with DeepSpeed on Azure, please follow our getting started tutorial.
The results presented in this blog were produced on Azure by following the recipes and scripts published as part of the Megatron-DeepSpeed repository. The recommended and most easy-to-use method to run the training experiments is to utilize the AzureML recipe.
If you are running experiments on a custom environment built using Azure VMs or VMSS, please refer to the bash scripts we provide in Megatron-DeepSpeed.

Quelle: Azure