This week at Microsoft Ignite, we announced updates to our products to make it easier for organizations to build robust conversational solutions, and to deploy them wherever their customers are. We are sharing some of the highlights below.
Quelle: Azure
At Microsoft Ignite 2018, we shared our vision to bring together infrastructure, application, and network monitoring into one unified offering, and provide full-stack monitoring for your applications. We have since made rapid strides towards delivering that reality to our customers. From consolidating our logs, metrics and alerts platforms, and integrating existing capabilities such as Application Insights and Log Analytics, to adding new monitoring capability containers and virtual machines, and contributing back to the community through open-source projects such as OpenTelemetry. In this blog, I'll share the newest enhancements from Azure Monitor at Microsoft Ignite, including four examples of how we continue to build seamless, and integrated monitoring solution that works well for cloud-native and legacy workloads and is cost-effective. Be sure to read the full blog post to get a list of all the exciting enhancements.
Monitor containers anywhere
Customers love the convenience of the out of the box monitoring that Azure Monitor for containers provides for all their Azure Kubernetes Service (AKS) clusters. But, you also have Kubernetes clusters running outside AKS. For customers who have hybrid environments, we are now launching the ability to monitor Kubernetes clusters on-premises and on Azure Stack (with AKS Engine) in preview. Just install the container agent and you can create alerts and get insights into the performance of your on-premises workloads in the Azure portal, along with your AKS workloads. Learn more about hybrid Kubernetes monitoring.
We are also making the popular Prometheus integration generally available. Azure Monitor can now scrape your Prometheus metrics and store them on your behalf, without you having to operate your own Prometheus collection and storage infrastructure. We also have new Grafana templates for you to visualize all the performance data that is collected from your Kubernetes clusters. Learn more about the Prometheus integration and Grafana templates.
Troubleshooting network issues faster
Monitoring a typical cloud network containing application gateways, VPN connections, virtual networks, etc., is a time-consuming activity. To troubleshoot an issue, you need to know the specific networking resources that support your application and scan for the health of these resources across multiple subscriptions and resource groups.
The Network Insights preview in Azure Monitor provides a single dashboard that gives you visibility into network topology, dependencies, health, and other key metrics for related network resources. The insights are derived from data that’s available in Azure Monitor today, so no additional setup or configuration is required.
With Network Insights, you have visibility into the health of your network across all of your subscriptions. Intuitive search and detailed topology maps enable faster drill-downs, help localization of networking issues, and suggest remediation in a matter of minutes. Learn more about Network Insights.
Work better and collaborate with workbooks
We've gotten great feedback from customers on Azure Monitor workbooks because it gives you a single tool that can combine text, analytic queries, metrics, and parameters into a rich interactive report that you can share with your team members and collaborate.
We have seen customers use workbooks in several ways including exploring the usage of an app, going through a root cause analysis, putting together an operational playbook, and more. We are now making workbooks generally available. Since the launch in preview, we have added support for a number of new data sources, including Azure Data Explorer, Azure Resource Graph, Azure Monitor Logs, Metrics, Alerts, etc., and added visualization options such as charts, grids, tiles, honeycombs, and maps. The Azure Monitor Workbook platform now forms the basis of new monitoring experiences in Azure services such as Azure Sentinel, Storage accounts, Azure Cosmos DB, Azure Active Directory, and SAP Hana. Learn more about Azure Monitor workbooks.
In addition to the highlights of the innovation that we are driving above, here are even more detailed new capabilities we're delivering today:
New agent and additions to profiling and tracing capabilities in Application Insights: For customers who have ASP.NET applications hosted on Azure Virtual Machines (VMs) running IIS, we are adding a new “codeless” onboarding method that uses an agent and does not require access to the code. Learn more.
We've added the ability to specify central processing units and memory thresholds for the Application Insights Profiler, so you have better control of when to collect traces. Learn more.
We've also added a source code view (via decompilation) in Application Insights Snapshot Debugger to allow you to quickly diagnose the failing code.
Application change analysis enhancements: We have added a lot of features for application change analysis to help you scale. We have introduced the ability to turn on application change analysis at an App Services plan level, you can now see resource manager changes for any resource, and there are richer diagnostics for common scenarios (such as VMs + VNET, SQL server, and Storage). We also added an impact analysis feature to see downstream dependencies for a change and revamped the user experience. Learn more.
Traffic Analytics accelerated processing: The new accelerated processing option in Traffic Analytics allows you to process NSG Flow logs at 10-minute intervals. Learn more.
Live container metrics and live deployments (preview): We are adding the ability to see live performance metrics and live deployments in your AKS cluster. Together with the live events and live logs features, you can get a near real-time performance and health view of your AKS cluster and troubleshoot issues faster.
Log integrations: Using the new Subscription Diagnostic settings, you can now stream every type of activity log for your subscription to Azure Monitor Logs, Event Hub, and Storage and no longer need Subscription Log Profiles or Log Analytics Activity Log connector. In addition, you can now export log data from services such as Azure App Services and Azure Storage accounts directly to Azure Monitor. These features are available for free while in preview.
Azure Monitor for Cosmos DB: You can now view usage, failures, capacity, throughput, and operations for your Azure Cosmos DBs across your subscriptions. You can see the rollups at subscription, Azure Cosmos DB level or the individual container level and then drill through to the resource for further troubleshooting.
Our customer feedback has been instrumental in shaping these features, and we hope you'll keep the feedback coming. If you have any questions or suggestions, reach out to our Tech Community forum.
Azure. Invent with purpose.
Quelle: Azure
This blog post was co-authored by Jeremy Winter, Partner Director and Tanuj Bansal, Senior Director for Microsoft Azure.
At last year's Microsoft Ignite 2018, we shared best practices on how to move to the cloud and why Azure is the best destination for all your apps, data, and infrastructure. Since then, we’re happy to share that a number of customers have joined us on Azure—H&R Block, Albertsons, Devon Energy, and Carlsberg Group, just to name a few. Azure has helped these customers drive innovation, enhance their security posture, and reduce costs with unique offers such as Azure Hybrid Benefit.
At this week’s Microsoft Ignite event in Orlando, we shared the approach these customers took and more news in Azure migration sessions and one-on-one architecture review sessions with Azure engineers.
In this blog, we want to share some of the exciting news we shared at Microsoft Ignite.
Accelerating customer success: Azure Migration Program (AMP)
Since its launch in July, AMP has seen an enthusiastic reception with more than a thousand customers entering the program for migration projects ranging across Windows Server, SQL Server, and Linux workloads. To recap, AMP offers customers:
Technical skill building with foundational, workload, migration, and role-specific courses to build Azure skills for long-term success to enable organizational readiness.
Curated, step-by-step guidance from Microsoft experts and specialized migration partners based on our Cloud Adoption Framework methodology.
Free Azure migration tools including Azure Migrate to assess and migrate workloads, and Azure Cost Management to optimize cloud costs.
Unique offers to reduce migration costs, including Azure Hybrid Benefit and free Extended Security Updates for Windows Server 2008 and SQL Server 2008.
“We are on a multi-year transformation journey, and cloud migration is an important first step. Azure Migration Program offered the right mix of training, best practice guidance, tooling, and specialized partners to best meet our needs. Importantly, Microsoft was prepared to work hand in hand with us and showed deep commitment to our success.”
– Marc Gunter, Vice President of Infrastructure, Planning and Engineering, Canadian Imperial Bank of Commerce, CIBC
AMP engagements begin by asking and addressing questions on organizational leadership rather than around technology or product. For example:
Have you identified an executive sponsor?
Have you identified your business, application, and IT team participants?
Have you developed a business case with an initial assessment of your on-premises estate and a total cost of ownership (TCO) analysis?
Have you identified a partner to help you with migration?
Ultimately, the answers to these questions form the basis of a robust migration plan. To help accelerate this step, customers can now use the new self-serve tool, Strategic Migration Assessment & Readiness Tool (SMART). More details are available in this whitepaper.
Check out this video to learn more about Azure Migration Program and apply today. Get prescriptive self-serve guidance at Azure migration center.
New Azure Migrate capabilities–your hub for all things migration
In parallel with our Azure Migration Program efforts, we’ve continued investing in product innovation to improve the migration experience for customers. Azure Migrate is a one-stop hub for all your migration needs across applications, infrastructure, and data; delivering a simplified, end-to-end migration experience, with a choice of Microsoft and partner tools.
Building on our July release, we're excited to announce support for new migration scenarios and several new capabilities described below.
Application migration
Many of you run .NET web applications on-premises that address internal line-of-business and customer-facing scenarios. Based on your feedback, we have streamlined and automated the Azure migration journey for these applications. Azure Migrate now integrates with App Service Migration Assistant to provide a comprehensive experience for migrating .NET applications to Azure App Service.
New Infrastructure Migration for virtual desktop infrastructure (VDI)
Your organization may require a virtualized desktop experience for reasons like meeting compliance regulations, securing access to sensitive data, and managing access to corporate data and apps for a mobile workforce. Windows Virtual Desktop provides the best-virtualized Office and Windows experience on Azure. We have integrated with Lakeside, a Microsoft partner, to enable assessment of on-premises virtual desktops for migration to Windows Virtual Desktop (WVD) on Azure.
New Server Assessment and Migration Capabilities
Since our acquisition of Movere, we have been hard at work integrating its capabilities into our toolsets. We're pleased to announce that this work is now complete—customers can now consume Movere’s innovative discovery and assessment capabilities from Azure Migrate.
We're also announcing discovery of on-premises physical servers, in addition to the existing VMware, and Hyper-V support.
Server Assessment now also provides application discovery capabilities, giving you visibility into the applications installed, their roles, features, and versions enabled on your on-premises virtual machines, which will help you identify the right migration path for each underlying workload. Application discovery is now available for VMware virtual machines.
Many of you have been using the dependency visualization capability to identify all the components that make up your application along with their interdependencies. We have now enabled agentless dependency visualization for VMware virtual machines, currently in preview.
Agentless server migration for VMware virtual machines has also graduated from preview to general availability.
We have significantly streamlined the process of uploading configuration and performance data of your on-premises servers into Azure Migrate. Now, you can simply use CSV import-based discovery to upload virtual machine configuration and performance details in CSV format. Once the server inventory is uploaded, you can then create assessments on the imported data without having to do appliance-based discovery.
Get started with Azure Migrate, learn more from our documentation, and try our preview features. Visit our UserVoice forum if you would like to provide feedback or learn more about our roadmap.
Azure. Invent with purpose.
Quelle: Azure
This post is co-authored by Tina Coll, Senior Product Marketing Manager, Azure Cognitive Services and Anny Dow, Product Marketing Manager, Azure Cognitive Services.
Azure Cognitive Services brings artificial intelligence (AI) within reach of every developer without requiring machine learning expertise. All it takes is an API call to embed the ability to see, hear, speak, understand, and accelerate decision-making into your apps. Enterprises have taken these pre-built and custom AI capabilities to deliver more engaging and personalized intelligent experiences. We’re continuing the momentum from Microsoft Build 2019 by making Personalizer generally available, and introducing additional advanced capabilities in Vision, Speech, and Language categories. With many advancements to share, let’s dive right in.
Personalizer: Powering rich user experiences
Winner of this year’s ‘Most Innovative Product’ award at O’Reilly’s Strata Conference, Personalizer is the only AI service on the market that makes reinforcement learning available at-scale through easy-to-use APIs. Personalizer is powered by reinforcement learning and provides developers a way to create rich, personalized experiences for users, even if they do not necessarily have deep machine learning expertise.
Giving customers what they want at any given moment is one of the biggest challenges faced by retail, media, and e-commerce businesses today. Whether it’s applying randomized A/B tests or supervised machine learning, businesses struggle to keep up with delivering unique and relevant experiences to each user. This is where Personalizer comes in, exploring new options to stay atop of previously unencountered influences on user behavior through a cutting-edge machine learning technique known as reinforcement learning. This technique allows Personalizer to learn from what’s happening in the world in real-time and update the underlying algorithm as frequently as every few minutes. The result is a significant improvement to your app usability and user satisfaction. When XBOX implemented Personalizer on their homepage, they saw a 40 percent lift in user engagement.
Form Recognizer: Increase efficiency with automated text extraction and feedback loop
Businesses often rely on a variety of documents that can be hard to read; these documents are not always cleanly printed, and many include handwritten text. Businesses including Chevron use Form Recognizer to accelerate document processing through automatic information extraction from printed forms. This frees their employees to focus on more challenging and higher-value tasks.
Form Recognizer extracts key-value pairs, tables, and text from documents including W2 tax statements, oil and gas drilling well reports, completion reports, invoices, and purchase orders. Today we are announcing feedback loop support to enable even more accurate data extraction. Users will be able to provide labeled examples of the specific values they want extracted. This feature enables Form Recognizer to support any type of form including values without keys, keys under values, tilted forms, photos of forms, and more. Starting with just 10 forms, users can train a model tailored to their use case with high-quality results. A new user experience gets you started quickly, selects values of interest, labels, and trains your custom model.
In addition, Form Recognizer can now train a single model without labels for all the different types of forms, and supports training on large datasets and analyzing large documents with the new AsyncAPI. This benefit enables customers to train a single model for the different types of invoices, purchase orders, and more without the need to classify the documents in advance.
We have also enhanced our pre-built receipts capabilities with accuracy improvements, additional new fields for tips, receipt types (itemized, credit card slip, gas, parking, other), and line item extraction detailing all the different items in the receipt. Finally, we have also improved the accuracy of our text recognition enabling extraction of high-quality text from the forms and our table extraction.
Sogeti, part of Capgemeni, is harnessing these new Form Recognizer capabilities. As Arun Kumar Sahu, the Manager of AI ML for Sogeti notes:
“We are working on a document classification and predictive solution for one of the largest automobile auction companies in the US, and needed an efficient way to extract information from various automobile related documents (PDF or image). Form Recognizer was quick and easy to train and host, was cost effective, handled different document formats, and the output was amazing. The new labelling features made it very effective to customize key value pair extraction.”
Speech: Enable more natural interactions and accelerate productivity with advanced speech capabilities
Businesses want to be able to modernize and enable more seamless, natural interactions with their customers. Our latest advancements in speech allow customers to do just that.
At Microsoft Ignite 2018, we introduced our neural text-to-speech capability, which uses deep neural networks to enable natural-sounding speech and reduces listening fatigue for users interacting with AI systems. Neural text-to-speech can be used to make interactions with chatbots and virtual assistants more natural and engaging, convert digital texts such as e-books into audiobooks, and enhance in-car navigation systems. We’re excited to build upon these advancements with the Custom Neural Voice capability, which enables customers to build a unique brand voice, starting from just a few minutes of training audio. The Custom Neural Voice capability can enable scenarios such as customer support provided by a company’s branded character, interactive lesson plans or guided museum tours, and voice assistive technologies. The capability also supports generating long-form content, including audiobooks.
The Beijing Hongdandan Education and Culture Exchange Center is dedicated to using audio to create accessible products for those with visual impairments and improving the lives of the visually impaired by providing aids such as audiobooks. Hongdandan is using the Custom Neural Voice capability to produce audiobooks based on the voice of Lina, who lost her sight at the age of 10. Lina is now a trainer at the Hongdandan Service Center, using her voice to teach others who are visually impaired to communicate well.
With the rapid pace at which business is moving today, remembering all the details from your last important meeting and tracking next steps and key deadlines can be a real challenge. Quickly and accurately transcribing calls can help various stakeholders stay on the same page by capturing critical details and making it easy to search and review topics you discussed. In customer support scenarios, being able to hear and understand your customers and keep an accurate record of information is critical for tracking customer requirements and enabling broader analysis.
However, accurately transcribing organization-specific terms like product names, technical terms, and people's names pose another barrier. With Custom Speech, you can tailor speech recognition models based on your own data so that your unique terms are accurately captured. Simply upload your audio to train a custom model. Now, you can also optimize speech recognition on your organization-specific terms by automatically generating custom models using your Office 365 data in a secure and compliant fashion. With this opt-in feature, organizations using Office 365 can more accurately transcribe company terminology, whether in internal meetings or on customer calls. The organization-wide language model is built only using conversations and documents from public groups that everyone in the organization can access.
Additional new features such as Custom Commands, Custom Speech and Voice containers, Speech Translation with automatic language identification, and Direct Line Speech channel integration with Bot Framework are making it easier to quickly embed advanced speech capabilities into your apps. For more information, visit the Azure Speech Services page.
Language: Extract deeper insights from customer feedback and text documents
There are a multitude of valuable customer insights captured today—whether in social media, customer reviews, or discussion forums. The challenge is being able to extract insights from that data, so businesses can act fast to improve customer service and meet the needs of the market. With the Text Analytics Sentiment Analysis capability, businesses can easily detect positive, neutral, negative, and mixed sentiment in content, enabling them to keep an ongoing pulse on customer satisfaction, better engage their customers, and build customer loyalty. The latest release of the Sentiment Analysis capability offers greater accuracy in sentiment scoring, as well as the ability to detect sentiment for both an entire document as well as individual sentences.
Another challenge of extracting information from your data is being able to take unstructured natural language text and identify occurrences of entities such as people, locations, organizations, and more. Text Analytics is expanding entity type support to more than 100 named entity types, making it easier than ever to extract meaningful information and analyze relationships from raw text and between terms. Additionally, customers will now be able to detect and extract more than 80 kinds of personally identifiable information in English language text documents.
We are also adding several new capabilities to Language Understanding Intelligent Service (LUIS) that enable developers to build sophisticated models that are conversational. The new capabilities provide the ability to handle more complex requests from users (as an example, if you want to allow customers to truly use natural language, they might order ‘Two Burgers with no onions and replace buns with lettuce wraps’). This provides customers with the advanced ability for hierarchical entities and model decomposition, to build more sophisticated language models that reflect the way humans speak. In addition, we are adding more regions and further enhancing the existing human languages supported in LUIS with the addition of Hindi and Arabic.
Enterprise Ready: Azure Virtual Network for enhanced data security
One of the most important considerations when choosing an AI service is security and regulatory compliance. Can you trust that the AI is being processed with the high standards and safeguards that you come to expect with hardened, durable software systems? Azure Cognitive Services offers over 70 certifications. Today we are offering Virtual Network support as part of Cognitive Services to ensure maximum security for sensitive data. This service also is being made available in a container that can run in a customer’s Azure subscription or on-premises.
Get started today
We are continuing to enable new powerful and intelligent scenarios for our customers that improve their productivity and user experiences. The incredible breadth of services available through Azure Cognitive Services enables you to extract insights from all your data. Using these new announcements, you can accurately extract text from forms using Form Recognizer, analyze and understand this text using Text Analytics and LUIS, and finally, provide these insights to your users through a spoken, conversational interface with our speech services.
These milestones illustrate our commitment to make the Azure AI platform suitable for every business scenario, with enterprise-grade tools that simplify application development and industry-leading security and compliance for protecting customers’ data.
Get started today by building your first intelligent application using an Azure free account and learn more about Cognitive Services.
Azure. Invent with purpose.
Quelle: Azure
APIs are everywhere. The broad proliferation of applications throughout enterprises often results in large silos of opaque processes and services, making it hard for IT to manage and govern APIs in a systematic way, and for development teams to gain visibility into and make use of APIs that already exist.
Entire industries, such as financial services, are embracing APIs as a means to become more open, for example with open banking initiatives. Open banking is an API-first approach to creating more open, rich ecosystems that encourage third-party participation and usage of the services financial institutions have previously kept behind the scenes.
Products, such as Azure API Management, were created to address these issues. By letting you manage all APIs in a single, centralized location, you are able to impose authentication, authorization, throttling, and transformation policies and easily monitor the usage of the APIs associated with your applications, giving you the much-needed visibility into your application portfolio(s) at a macro-level.
To succeed in an increasingly connected world, it is key to adopt an API-first approach that lets you:
Embrace innovation by creating vibrant API ecosystems.
Secure and manage APIs seamlessly in a hybrid world.
APIs can be a bridge to the uncertain future and help you safely traverse over turbulent waters.
Embrace innovation by creating vibrant API ecosystems
Microsoft offers all of the tools to be able to immediately capitalize on new opportunities as they emerge in the business landscape. Our infrastructure technologies, such as Kubernetes and serverless computing, accelerate development velocity and help developers move faster than ever before. Our API technologies, such as API management, accelerate the speed at which new opportunities can be acted upon, by immediately providing channels for partners, developers, customers, and other third-parties to leverage new technology which is created. These types of activities are often done with tools such as an API developer portal.
Azure API Management’s developer portal lets you easily grant access (and control) to APIs. The developer portal provides documentation on how to use the APIs and creates a simple, easy way for people to get started. A developer portal is an integral part of any API-first approach, which is why we’re announcing the general availability of our greatly improved developer portal experience.
You can now easily customize the developer portal with a visual user interface, helping create a branded experience. The developer portal is open-source and built with extensibility in mind. You can easily fork our exacting repository and customize it to meet your needs. It was created using contemporary JAMstack technologies that significantly reduce page load times, to make it as frictionless of user experience as possible.
You can learn more about this announcement by reading our Azure Update on the release.
Secure and manage APIs seamlessly in a hybrid world
Today’s most popular API management solutions run in public clouds. And while having a purely cloud-based API management service can work for pretty much all scenarios, it’s not always the best choice. Perhaps compliance requirements mandate that information must stay on the corporate network, or maybe accessing the cloud is prohibited by company policy. Whatever the reason, scenarios like this can’t use an API management service running in any public cloud; the service must run on-premises.
To meet your hybrid requirements, we’re announcing the preview of Azure Arc enabled API Management, a self-hosted API gateway. The new self-hosted API gateway doesn’t replace the primary cloud-based API management service. Instead, it augments this service by providing the essential aspects of API management in software that organizations can run wherever they choose.
It adds a containerized version of the Azure API Management gateway you can host on-premises or another environment that supports the deployment of Docker containers. It enables more efficient call patterns for internal-only and internal and external APIs and is managed from a cloud-based Azure API Management instance. Azure Arc enabled API Management enables you to run the self-hosted API management gateway in your own on-premises datacenter or run the self-hosted API management gateway in another cloud.
Read the whitepaper we’ve released, API management in a hybrid and multi-cloud world, which goes into further detail technical detail on Azure Arc enabled API Management, as well as the strategic benefits you receive when adopting this approach.
Or, you can start a free trial of Microsoft Azure and check out API Management for yourself.
Heading into the future
APIs are the way that businesses will continue to communicate. The growth of APIs has continued to increase, and the rise of the API product is happening right now. Many different companies now offer API-first products and are a powerful reminder that a well thought out API strategy is going to be key to any business' strategy moving forward.
To learn more about what APIs and API Management can do for you, you can visit API Management on Azure.
Azure. Invent with purpose.
Quelle: Azure
At Microsoft Ignite we're sharing the many new capabilities our teams have built to improve security with Azure Security Center and the Azure Platform. We have a long list of new innovations, and this blog provides our general direction and summarizes some of our favorite new features. For more information, you can read all the details in our Azure Security Center Community post.
Turn on the protection you need with Azure Security Center
Azure Security Center provides unified infrastructure security management that strengthens security posture and provides advanced threat protection across your workloads running in Azure, on-premises, and in other clouds. It enables continuous assessment of security posture, protects against cyberattacks using Microsoft’s vast threat intelligence, and helps implement security faster with integrated controls.
With Security Center, you can monitor the security of machines, networks, and Azure services using hundreds of built-in security assessments or create your own in a central dashboard.
Extending Azure Security Center’s coverage with a platform for community and partners
A constantly evolving threat landscape requires new approaches to protection, cloud security posture, enterprise-scale deployment, and automation. Through partnering with members of the Microsoft Intelligent Security Association, Microsoft is able to leverage a vast knowledge pool to defend against a world of increasing cybersecurity threats.
Leverage all of Security Center's capabilities against built-in and partner recommendations. Azure Security Center's simple onboarding flow connects existing solutions, including Check Point CloudGuard, CyberArk, and Tenable, enabling you to view all security posture recommendations in a single place. Run unified reports and export Security Center’s recommendations for connected partner products.
We invite users to contribute and help improve policies and configurations used in Security Center through the Azure Security Center community menu for additional scripts, content, and community resources.
Enhanced threat protection for cloud resources
Threat protection detects and prevents attacks across a wide variety of services, from infrastructure as a service (IaaS) layer to platform as a service (PaaS) resources in Azure, including Azure IoT and Azure App Service, and on-premises virtual machines.
Stream threat detection findings to Azure Sentinel for investigation, threat hunting, correlation with signals from other security solutions, and security operations center (SOC) level management.
The latest threat protection capabilities include:
Threat protection and vulnerability assessment support for SQL Server hosted on an Azure Virtual Machine.
Vulnerability assessment capabilities for VMs is part of our virtual machine protection offering (powered by Qualys) at no additional cost. Security Center collects the vulnerabilities and displays them as part of the secure score.
Threat protection suite for containers focusing on Azure Kubernetes Service (AKS) includes scanning of container images for vulnerabilities, secure configuration of the AKS cluster, and threat detection on the Kubernetes runtime activities.
Threat protection for Azure Key Vault is in preview in North America regions. This provides an additional layer of security intelligence that detects unusual and potentially harmful attempts to access or exploit your encryption keys, certificates, and secrets in Azure Key Vault.
Threat protection for Azure Storage offers new detections powered by Microsoft Threat Intelligence for detecting malware uploads to Azure Storage using hash reputation analysis and suspicious access from an active Tor exit node (an anonymizing proxy.) You can now view detected malware across storage accounts using Azure Security Center.
Cloud security posture management enhancements
Misconfiguration is the most common cause of security breaches for cloud workloads. Security Center provides a bird’s eye security posture view across your Azure environment, enabling you to continuously monitor and improve your security posture using the Azure secure score. Security Center helps manage and enforce your security policies to identify and fix misconfigurations across different resources and maintain compliance.
New capabilities:
Secure score simplified: Use the updated, percentage based secure score to get better visibility into the secure score controls and provide a more reliable method for calculating the score.
Address misconfigurations faster with new quick-fix capabilities.
Add custom assessments, created in Azure Policy, into the secure score and monitor their compliance state in Security Center.
Automatically assess compliance state against a new set of regulatory standards, including NIST SP 800-53 R4, SWIFT CSP CSCF v2020, Canada Federal PBMM, and UK Official together with UK NHS.
Misconfigurations are the leading source of attacks and improving your secure score can make a remarkable difference in your overall security posture.
Implement security faster with Azure Security Center
To enable large organizations to leverage Security Center’s findings in enterprise-scale, Azure Security Center continues to provide clear APIs, automation, and management capabilities that can help customers connect Security Center to workflows, processes, and tools used across the organization.
A new capability in Security Center enables the creation of rich workflows using Azure Logic Apps and policies trigger based on a recommendation or alert. Configure a logic app to perform a custom action supported by the vast community of Logic App connectors, or use one of the templates provided, including to send an email or open a service ticket.
Security from the ground up
In addition to Azure Security Center updates, we have several additional enhancements for Azure platform security. To empower you to do more, we are continuously enhancing the platform services to improve existing offerings and address your feedback.
Here are some of the exciting updates coming to the platform.
Extension of Customer Lockbox for Microsoft Azure beyond virtual machines
Customer Lockbox provides customers the capability to control Azure support engineers' access to workloads that contain customer data This expanded support now provides customers control over access to their data for a larger set of Azure offerings.
New services and scenarios, available in preview:
Azure Storage
Azure SQL Database
Azure Data Explorer
Memory dumps and managed disks for Azure Virtual Machines
Transferring Azure subscriptions
Release of Microsoft Secure Code Analysis toolkit to help you build secure code
With the Microsoft Security Code Analysis extension, you can infuse security analysis tools including Credential Scanner, BinSkim, and others into your Azure DevOps continuous integration and delivery (CI/CD) pipelines. Increase developer productivity and simplify security through easily configurable build tasks that abstract away the complexities (installing, updating, maintaining, and running) from analysis tools without relinquishing control over them.
This product is now available via Unified Support. Customers can sign up using their existing credit or paying the service fee. To learn more please visit the Microsoft Secure Code Analysis documentation page.
Azure Disk Encryption in more places, and more services offering customer-managed keys
Azure Disk Encryption enables you to encrypt your Azure Virtual Machine disks with your keys safeguarded in Azure Key Vault. Previously this capability was available through PowerShell and CLI. We have now added this capability to the Azure portal, which makes it very easy to use. We have also added support for the latest versions of the common Linux distros on Azure, including Red Hat Enterprise Linux 7.6 and 7.7 as well as CentOS Linux 7.6 and 7.7.
Try it yourself using Quickstart for Windows or Quickstart for Linux now.
The following services recently announced preview for customer-managed keys for encryption at rest.
Azure Event Hubs
Azure Managed Disks
Power BI
For a full list of services offering encryption with customer-managed keys, see the Azure Data Encryption-at-Rest documentation page.
New Azure policies to manage certificates across your organization, currently in preview
Large organizations have thousands of certificates in key vaults distributed across thousands of applications and subscriptions. If you are responsible for security and compliance across the organization, you need a simple way to set rules across all these certificates, prove that those rules were followed, and flag violations. Azure policy helps with this. We have added new policies in preview for certificates in Azure Key Vault.
Issuer Policy: Flag certificates that are (or are not) issued by a particular issuer.
Key Type Policy: Flag certificates that are (or are not) protected by a RSA or ECC key pairs.
Key Size Policy: Flag certificates that are (or are not protected) by a key of a certain size.
Expiry Policy: Flag certificates that are (or are not) renewed within “X” number of days of their expiry date.
Validity Lifespan Policy: Flag certificates that have (or do not have) Validity Lifespan that is less than, or more than, or equal to "X" number of years.
For more information see the documentation for Azure Key Vault governance policies.
Azure Key Vault Virtual Machine extension now generally available
The Azure Key Vault Virtual Machine extension makes it easier for apps running on virtual machines to use certificates from a key vault, by abstracting the common tasks as well as best practices—authenticate, handle common network errors, cache, periodically refresh the certificate from the key vault, and bind the certificate for Transport Layer Security (TLS).
This extension is now generally available for Windows and Linux.
Free Azure managed certificates for your domains on Azure
We want to make sure there are no reasons not to use TLS in your Azure applications. Azure now provides TLS certificates at no cost to you for your custom domains hosted on the following services. Azure renews these certificates automatically.
Azure CDN managed certificates (generally available.)
Azure Front Door managed certificates (generally available.)
Azure App Service managed certificates for both web apps and functions (currently in preview.)
We will expand this to other Azure PaaS services in the future.
Note that this is just one of your options. If you have a need to use certificates from a different certificate authority (CA), then you have the option to configure these Azure services to use a certificate you manage in your key vault.
Learn more
With these additions, Azure continues to provide a secure foundation and gives you built-in security tools and intelligent insights to help you rapidly improve your security posture in the cloud. Azure Security Center strengthens its role as the unified security management and advanced threat protection solution for your hybrid cloud.
For Azure app developers:
Use the Microsoft Secure Code Analysis toolkit to inspect your code for security issues.
Enable TLS for your Azure CDN, Front Door, and App Service (web app and function) resources.
Evaluate the new Azure Virtual Machine extension for Azure Key Vault to simplify how your app uses certificates from Azure Key Vault (for Windows and Linux).
For users responsible for security across their organizations:
Evaluate Azure Policy, including the new Key Vault policies, to ensure developers across your organization follow the rules you set for security and compliance.
Security can’t wait. Get started with Azure Security Center today and visit Azure Security Center Tech Community, where you can engage with other security-minded users like yourselves.
Azure. Invent with purpose.
Quelle: Azure
Each day more and more organizations experience the benefits of cloud native development. Using products like Azure Kubernetes Service (AKS), they’re able to build distributed applications that are more resilient and dynamically scalable, while enabling portability in the cloud and at the edge. Most of all, organizations want to use Kubernetes and cloud native technology to innovate faster in the enterprise where security, governance, and compliance are top of mind. We have been listening and we are happy to share several innovations designed to accelerate cloud native application delivery on Azure, powered by Kubernetes and AKS.
Streamlined developer experience
Git and GitHub have changed the way modern software is written. Pull requests (PRs) are now central to the how development teams collaborate. While PRs are a great way to review specific code changes, it can be difficult to see how that code integrates with the rest of a complex microservices architecture. Dev Spaces with GitHub Actions PR flow for AKS solves this problem by automatically deploying review versions of your pull requests to a sandbox environment where you can easily perform end-to-end testing on any changes in your pull request branch. This speeds the PR testing process, allows team members to confidently approve pull requests after ensuring that the new changes will not negatively impact other parts of the application. It also enables other team members, such as product managers and designers, to easily participate in the review process.
Dev Spaces connect, available in preview, allows developers to develop and test an individual service on their local workstation in the context of the broader application running in a shared AKS cluster, all without affecting other processes running in that cluster. With tools like Dev Spaces and Visual Studio Code Kubernetes extension, we help customers accelerate their containerized app development. It’s great to see a leading firm like Forrester state in a recent report that Microsoft “leads the pack with the strongest developer experience and global reach”.1
Reliable and scalable Kubernetes clusters
As enterprises continue to adopt Kubernetes and AKS at an incredible rate, we see an increasing number of mission-critical customer workloads that have strenuous requirements around reliability and scalability. AKS support for availability zones, cluster-level autoscaling, and multiple node pool support are now generally available. As Bosch has shared, Azure provides a simplified Kubernetes experience and helps you deliver reliable and scalable service more easily. It’s click and scale, or better yet, scale automatically using the autoscaling functionality in AKS.
For customers who need to operate across the globe, AKS is also now available in 36 regions including Germany West Central, Switzerland North, Switzerland West and UAE North, more regions of managed Kubernetes than any other cloud.
Operate seamlessly on-premises, in the cloud, and at the edge
The use of Kubernetes is growing everywhere. It’s growing in the cloud with products like AKS, but it’s also growing beyond cloud with clusters sprouting up on-premises and on the edge. To help our customers manage and govern these environments, we are introducing Azure Arc enabled Kubernetes clusters. By installing an agent on your Kubernetes cluster, you can now register your Kubernetes clusters in Azure no matter where they are running and provide a unified management and governance model, including centralized policy controls, role-based access control (RBAC), and configuration management through a simple GitOps workflow. This means you can use a simple GitHub pull request flow to securely deploy workloads to hundreds or thousands of Kubernetes clusters, all managed from the Azure portal.
Looking for a way to get a Microsoft-supported version of Kubernetes running on premises, on the edge, or even in a fully disconnected environment? Microsoft offers Kubernetes across our Azure Stack Hub portfolio of products. Kubernetes on Azure Stack Hub is now generally available featuring cluster lifecycle management capabilities. You can now easily provision Kubernetes clusters on Azure Stack Hub and automate the creation, update, patching, scaling and deletion of these clusters using simple command line tools. We are also introducing Kubernetes on Azure Stack Edge, which is an Azure-managed edge computing appliance with either FPGA or new GPA acceleration for powerful machine learning inferencing capabilities. Azure Stack Edge simplifies Kubernetes operations by automatically creating a cluster of appliances and connecting it to the cloud for you, where you can use Azure Arc to deploy and configure applications across all your Kubernetes clusters.
Easily monitor and troubleshoot
Kubernetes and cloud native systems have many moving parts. Managing these systems at scale requires top notch monitoring and observability tools. One such tool is Prometheus, a Cloud Native Computing Foundation (CNCF) project which has emerged as the standard mechanism for gathering metrics in the cloud native ecosystem. Prometheus integration with Azure Monitor is now generally available. Azure Monitor can now scrape your Prometheus metrics and store them on your behalf, without you having to operate your own Prometheus collection and storage infrastructure. We have Grafana templates so you can visualize the performance data from AKS. Today we are also introducing live container metrics from Azure Monitor. Live metrics and deployments, combined with live logs and events capabilities, provide a real-time view of what’s happening in AKS clusters and deployments, helping to diagnose and resolve issues faster than ever. Check out how Hafslund Nett has leveraged Azure Monitor together with AKS to speed development and testing without losing control over security and performance.
A secure, enterprise-grade foundation
Kubernetes and cloud native models can be challenging to secure and govern. This is especially true for container images, which can house new classes of operating system and library vulnerabilities. To address it, Azure Security Center performs vulnerability assessments on container images stored in Azure Container Registry. It can now scan the container registries within a customer’s subscription and provide recommendations to address specific vulnerabilities. We are also introducing a new set of threat protection features from Azure Security Center including discovery of AKS clusters in your cloud environment, actionable recommendations on how to help your clusters comply with security best practices, and threat detection based on host and cluster analytics.
The cloud-native space continues to evolve rapidly, with new technologies and patterns emerging every day. The pace of innovation is exciting, but it can also be frightening especially for more conservative enterprises. With these innovations, we are further lowering the barriers to adopt cloud-native technologies. If you are new to Kubernetes, check out Kubernetes overview, learning videos and workshop. Kubernetes is defining the future of applications. Join thousands of Azure Kubernetes customers and start your Kubernetes journey with Azure.
Azure. Invent with purpose.
1The Forrester New Wave™: Public Cloud Enterprise Container Platforms, Q3 2019
Quelle: Azure
The mission for our blockchain investments has remained steadfast since the beginning, with the goal of democratizing complex technologies and creating connections across organizational boundaries to solve shared problems in a trusted manner. With this in mind, our roadmap has been focused on building an open and scalable platform to advance the adoption of blockchain in the enterprise.
We have seen this approach resonate with our customers time and time again. A real-world example powered by Azure blockchain technology is GE Aviation’s next-generation blockchain solution that tracks the genealogy of engine parts to improve productivity and safety for airlines.
"Microsoft has taken blockchain from an art and transformed it into a science by fundamentally improving each aspect of the software stack. We’ve benefited from the innovation of no-code logic apps for data ingestion, off-chain storage with Azure SQL Database and Azure Cosmos DB, and analytics visualization via Power BI. The rich integration of these Azure services with Azure Blockchain Service and Azure Blockchain Workbench have enabled us to get our solutions into the hands of our customers much faster with a lot less complexity." – David Havera, Blockchain Leader, GE Aviation Digital Group
With this in mind, we're announcing a wave of innovation designed to simplify and accelerate blockchain adoption across the whole stack.
Accelerating blockchain adoption with Microsoft Azure Blockchain Tokens
Since launching Azure Blockchain Service, our customers have asked for a simple mechanism to tokenize physical or digital assets to accelerate blockchain deployments. Today, we’re launching the preview of Azure Blockchain Tokens, which simplifies the ability to define, create, and manage compliant tokens that are built on industry standards. Azure Blockchain Tokens (preview) provide pre-built templates for common scenarios and will support a gallery of templates created by partners in the future. With this latest offering, we can now offer customers an end-to-end experience of easily creating and managing tokens for physical or digital assets via Azure Blockchain Tokens (preview), in addition to managing the blockchain network itself via Azure Blockchain Service.
CEEK Virtual Reality, a streaming platform for live and recorded virtual and augmented reality experiences, uses Azure Blockchain Tokens to create a trusted platform for royalty payments. Smart tickets (a form of a token) allow content creators to track content viewership, ensuring royalty payout to creators is based on trusted data.
"CEEK Virtual Reality was looking for a trusted partner to help us with content viewership verification on the blockchain, and Azure Blockchain Tokens was perfect because it helped to drastically reduce our time to market and offered a trusted partner for providing proof on the blockchain." – Mary Spio, CTO, CEEK VR
Enhancing Azure Blockchain Service with blockchain data manager and additional ledger choice
Azure Blockchain Service has seen fantastic adoption since launch, with customers using it to simplify the management and formation of their blockchain networks so they can focus on business logic. Today, we’re making Azure Blockchain Service even better with the preview of blockchain data manager. Blockchain data manager (preview) is a new feature of Azure Blockchain Service that captures blockchain ledger data, transforms it (including decoding encrypted event and property state data), and then delivers that data to multiple sources via Azure Event Grid to off-chain databases like Azure Cosmos DB or Azure SQL Database. Blockchain data manager (preview) supports both public and private transaction data and greatly simplifies the cumbersome task of integrating existing applications with data that sits on a blockchain ledger.
In addition to simplifying blockchain data integration into existing applications, providing choice and flexibility is central to our investments in Azure Blockchain Service. Corda Enterprise joins Ethereum as an additional distributed ledger technology available within the service. For customers who prefer Hyperledger Fabric, an Azure Marketplace template using Azure Kubernetes Service is available for use starting today.
Investing in developer tools
Of course, accelerating blockchain enterprise adoption is only possible with developers. We are continuing to build on our investments for blockchain developers with updates to the Azure Blockchain Development Kit for Ethereum extension for Visual Studio Code. These investments improve the productivity of developers, whether they are building an application on top of a blockchain network, or connecting a backend system to produce or consume blockchain data.
Recent investments in popular tools like OpenZeppelin integration provide easy discoverability and use of popular smart contracts for common developer needs. In addition to our focus on private blockchain developers, we are making sure public blockchain developers are equally well supported with investments in public chain tools, including Infura project integration. Adding native Infura integration to our Visual Studio Code extension makes it easy to create, interact with, and deploy to Infura projects. These developer tools integrate with Visual Studio Code and available free of charge.
Continuous innovation supports your blockchain journey
Blockchain is an exciting and dynamic industry, and we remain committed to simplifying adoption in the enterprise across scenarios like supply chain visibility and traceability and royalty reconciliation, among others. With investments that span the whole stack—from developer tools to Azure infrastructure services and Azure managed services—enterprise adoption of blockchain is easier than ever.
Next steps
Learn more about Azure Blockchain Tokens and Azure Blockchain Service
Read the white paper on Tokenization: Establishing Digital Representation of Value as the Medium of Exchange
Get started with code samples and tutorials in the Azure Blockchain development kit
Azure. Invent with purpose.
Quelle: Azure
Cloud computing has opened new paradigms for enterprises to reach higher levels of productivity and scale. At the tip of that spear is serverless computing, enabling developers, teams, and organizations to focus on business logic and leave hosting and scaling of resources to the cloud platform.
At Microsoft Ignite, we’re announcing serverless functions with no cold start and network isolation, PowerShell support for event-driven automation, simplified secrets management across serverless apps, unified monitoring capabilities, and increased language support—including .NET Core 3 and Python 3.7! These capabilities expand the list of target scenarios that would benefit from event-driven architectures and bring serverless to operations teams.
Business-critical apps with no cold start and network isolation
Function as a service (FaaS) platforms present a small delay on their first executions, known as cold start. This makes it challenging to adopt serverless functions for mission critical apps where a few seconds can make a huge difference. To address it, we’re announcing the general availability of the Azure Functions Premium plan.
It brings together the best of both serverless and dedicated hosting; you can leverage fast, dynamic scale while benefiting from network isolation, consistent performance, and more predictable costs.
When coupled with our PowerShell support, functions running on the Premium plan are the ultimate tool in the IT administrator’s belt, enabling long running orchestrations with support for executions up to an hour-long and hybrid connections to directly connect to on-premises resources.
Serverless automation with PowerShell
Automation and resources management is crucial for any cloud or hybrid solution, helping companies implement and comply with internal policies, reduce costs by turning off cloud resources during idle hours, or meet service-level agreement times. By taking an event-driven approach to building automation workflows, you can benefit from hundreds of built-in Azure connectors to automatically respond to the activity happening not only in Azure services, but also in third party solutions and on-premises resources as well.
With the general availability of PowerShell support in Azure Functions, you can set up serverless automation processes for infrastructure management and scripting tasks. Managing PowerShell modules is now easier than ever as you can rely on Azure Functions to ensure the latest critical and security updates are automatically installed.
For more complex tasks you can use Durable Functions, an extension to the Azure Functions runtime that uniquely brings stateful and orchestration capabilities to serverless functions. The new version of Durable Functions not only lets you simplify the orchestration of tasks, but now enables building stateful durable entities. This is especially helpful for scenarios that may require state persistence for a large number of devices (thousands, for example), all within a single serverless function.
Simplified secrets management
Security is top-of-mind for every company, and more organizations are adopting secrets management policies to securely store and consume very sensitive information including certificates, connection strings, or passwords. Azure Key Vault provides these capabilities in Azure and supports storing secrets centrally with expectations around expiration and access control.
Serverless apps and web sites hosted in Azure App Service and Azure Functions can now easily incorporate secrets management without any code changes by including references to Azure Key Vault secrets in their application settings, now in general availability. For existing applications, you can simply replace secrets included in the application settings with their references in Azure Key Vault, and they will continue to operate as normal. Behind the scenes, the application’s system-assigned identity is used to securely fetch the secret and make it available as an environment variable.
For simplified lifecycle management of your secrets, you can now use Azure Key Vault events on Azure Event Grid (currently in preview) to trigger automation workflows using Azure Functions, WebHooks, or any supported event handlers. By subscribing to changes in the status of keys, certificates or secrets stored in Azure Key Vault (such as about to expire, already expired, or new version available), you can automatically set up notifications or alerts to have the teams in charge perform the required actions.
Unified monitoring experience
Monitoring enables development teams to identify errors, bottlenecks, faulty services, and overall performance status across cloud applications. In addition to the existing capabilities for monitoring web applications and serverless functions, both Azure Functions and Azure App Service are now adding integration (currently in preview) with Azure Monitor Logs, sending log telemetry to a single workspace where you can create queries to quickly retrieve, consolidate, and analyze collected data—including using third party services for analysis—or set alert rules.
If you haven’t already, sign up for an Azure free account and start building serverless applications today! We cannot wait to see the new business-critical apps you'll build using the Azure Functions Premium plan and automation benefits you'll realize using PowerShell support in Azure Functions. Try them out today, and if you have any feedback please reach us on Twitter, GitHub, StackOverflow, and UserVoice.
Azure. Invent with purpose.
Quelle: Azure
With thousands of customers deploying more and more applications on cloud platforms, cloud technologies have become increasingly more familiar to businesses. However, the path for successful cloud adoption can be bumpy for enterprises as it requires more than the typical technology deployment steps. Successful cloud adoption requires deeper and broader changes across an organization, including business plans and expectations alignment, process updates, and technical readiness.
In our work with customers, we’ve helped solve some common obstacles to the cloud journey, including proper cloud governance to control costs and ensure security, confusion on the right migration strategy to define a path to the cloud, and a lack of context on how to establish a Cloud Center of Excellence in their organization.
Today, we are announcing the general availability of new content within the Microsoft Cloud Adoption Framework for Azure, including Innovate and Manage stages and new resources and assessments to help organizations wherever they are. It brings together best practices from Microsoft solution architects, partners, and customers into a comprehensive and curated set of tools, documentation, templates, and guidance that help organizations shape their cloud strategies, driving towards their desired business goals and outcomes.
Digital transformation is real and is here. We realize change takes time and real effort; it impacts people, culture, and business, and it can feel risky. It requires new disruptive thinking. It requires leaders to adapt, take risks, and learn quickly. It requires a culture and organization shift. And the Cloud Adoption Framework is here to help organizations navigate their respective and unique journeys, delivering on their business goals through the power of Azure.
How does it work?
Built with a modular approach, the Cloud Adoption Framework helps organizations breakdown their journey into discrete stages with clear guidance for business decision makers, cloud architects, and IT professionals to undertake their cloud journey with confidence and control, aligning business priorities and expected outcomes with technology changes and investments.
While each organization will have their own cloud journey to adopt the cloud, there are six main stages that hold true for most organizations: strategy, plan, ready, adopt, govern, and manage. Although the framework suggests a linear journey, reality shows it isn’t. It is an iterative and cyclical process, where organizations jump in and out of stages as they make progress or have new areas to address in their journey. If the organization is concerned with managing policies and staying compliant to industry regulations, then focus on establishing proper cloud governance to unblock and address those concerns. If the organization wants to review or define its own motivations for cloud adoption, then they will need to focus on the strategy and planning stages to establish a clear North Star for this change, and so forth.
Each stage of the framework focuses on specific aspects of the cloud journey, for each organization to address internally. Here is an overview of each stage:
Strategy: Understand the motivation to adopt new cloud technologies, considering business and financial justifications, and aligning to business goals and expected outcomes.
Plan: Create a cloud adoption plan based on inventory of the current digital estate, prioritized workloads, and a suitable migration strategy for business impact. The definition of a cloud strategy team and center of excellence must be defined at this point to ensure appropriate execution.
Ready: Prepare people, business processes, and IT environments for the change, based on a prioritized and agreed cloud adoption plan, leveraging landing zones and replicable mechanisms to enable agility with proper governance and controls.
Adopt: Whether looking to migrate existing workloads to the cloud or innovate creating something new, this stage is where the technology implementation takes place to deliver on the business expectations and align to the cloud adoption plan.
Govern: Review existing on-premises IT policies and define cloud governance to complement them. Learn to iterate as the cloud estate, business priorities, and processes change over time, potentially creating new risks to mitigate.
Manage: Define a cloud operating model based on operational excellence. Monitor, manage, and optimize cloud environments to adapt and deliver on business goals and expected outcomes.
Making the Cloud Adoption Framework actionable
Many customers and partners have been leveraging and contributing to this framework for a few months now. Partners, in particular, have found it very useful to help address their customers main blockers to cloud adoption, focusing on both the technical and business components.
“As a partner, New Signature has used the Microsoft Cloud Adoption Framework to help organize our services and have aligned customer engagements with the themes and goals the framework discusses. It has also been useful to fully identify the end to end capability needed to run both the technical transformation and the business change elements of cloud adoption.” – Sean Morris, Head of Consulting at New Signature.
And many Microsoft partners have already created offerings to help guide customers through their journey based on the framework. Similarly, OpsCompass “leverages the Microsoft Cloud Adoption Framework for Azure to help customers feel safe knowing they’re proactively managing their cost, compliance, and security risks as they adopt the cloud,” said Scott Griffith, Vice President of Corporate Development at OpsCompass.
Already, over 200 organizations have engaged with the framework, providing feedback, sharing best practices, and also learning new aspects to address open items in their journey. One of those is Dentsu Aegis Network, which wanted to enable teams across the world to leverage the power of Azure, in a controlled and secured matter.
“Using the Cloud Adoption Framework, we set up an automated self-service portal where anyone can request a cloud landing zone, get approval, and within hours have a new environment provisioned and ready to use in Azure,” said Chris Fry, Director of Global Programs at Dentsu Aegis Network.
All organizations can start leveraging the Cloud Adoption Framework to support their adoption journey today. Depending on your organization’s needs, there are a few options to get started:
To understand where in the cloud journey the organization is, take the Cloud Journey Tracker
To validate governance gaps and immediate next steps, take the Microsoft Cloud Adoption Framework Governance Benchmark
To get help with a lift-and-shift migration project already identified and prioritized, leverage the Azure Migration Program
To get assistance with an architecture design for a new or existing app on the cloud, reach out to Microsoft FastTrack for Azure
For all of the above and beyond, connect with a Microsoft partner
For more information and to learn more about it, visit the Cloud Adoption Framework for Azure page and for the best practices, guidance, and technical documentation, visit the Microsoft Cloud Adoption Framework for Azure documentation. Learn more about Microsoft migration resources and programs.
Azure. Invent with purpose.
Quelle: Azure
