Simplified disaster recovery for VMware machines using Azure Site Recovery

Microsoft officially announced the public preview to a simpler and more reliable way to protect your VMware virtual machines.

To tackle the changing needs of the customers, they have performed a major overhaul of the hybrid disaster recovery and added necessary enhancements along with highly requested simplifications. They have implemented a new architecture with which, the configuration server has now been revamped as the ASR replication appliance.

Automatic upgrades for ASR replication appliance and Mobility agent

A big deal-breaker with the current architecture was manually updating various configuration server components and mobility services. – as soon as an update arrives, both the appliance and mobility service will be updated automatically and that too out of business hours.

 

Additionally, for automatic upgrades, machine credentials will not be required anymore. Currently, it is necessary to have the latest credentials for both Linux and Windows machines for a successful update. But with this preview, the credentials will be required only initially and will not be required once the installation is complete. After the installation of the mobility service, credentials can be removed for all the machines.

 

Easier scale management

The appliance is now a single unit of management and all its components have been converted into micro-services which are hosted on Azure. This will not only make the troubleshooting much easier, but scale management also becomes much smoother. To scale out an appliance, you will just need to set up another appliance and voila, it is done! No need to set up another Process server anymore.

 

High availability for appliance

Appliance resiliency has also been a highly asked about topic and we have that covered too. Customers are usually afraid of an appliance burndown. There are also scenarios where one may need to load balance an appliance and move a protected machine to another appliance, without disabling replication.

 

With the preview, you don’t need to take regular backups of your appliance anymore – just spin up another appliance and switch all your machines to the new appliance. All the configuration details particular to a protected machine will be switched to the new appliance without needing to go through the complete replication again.

 

Apart from the above-mentioned improvements, they have also removed –

  • passphrase dependency – implemented a new certificate-based authentication,
  • static IP address dependency – will rather use FQDNs to maintain connectivity,
  • third party product dependency – MySQL installation on the appliance will not be required anymore.

 Learn more about the preview architecture and check out the release notes for a detailed list of improvements.

Azure Updates : Announcing the Azure Firewall Premium general availability

Azure Firewall Premium provides next-generation firewall(NGFW) capabilities that are required for highly sensitive and regulated environments.

With the new Azure Firewall Premium, the following new capabilities are now available:

  • TLS Inspection: Azure Firewall Premium terminates outbound and east-west TLS connections. Inbound TLS inspection is supported in conjunction with Azure Application Gateway allowing end-to-end encryption. Azure Firewall performs the required value-added security functions and re-encrypts the traffic which is sent to the original destination.
  • IDPs: Azure Firewall Premium provides signature-based intrusion detection and prevention system (IDPs) to allow rapid detection of attacks by looking for specific patterns, such as byte sequences in network traffic, or known malicious instruction sequences used by malware.
  • Web Categories: Allows administrators to allow or deny user access to the Internet-based on categories (e.g. social networking, search engines, gambling), reducing the time spent on managing individual FQDNs and URLs. This capability is also available for Azure Firewall Standard based on FQDNs only.
  • URL Filtering: Allow users to access specific URLs for both plain text and encrypted traffic, typically being used in conjunction with Web Categories.

Azure Firewall Premium is utilizing Firewall Policy, a global resource that can be used to centrally manage your firewalls using Azure Firewall Manager. Starting this release, all new features will be configurable via Firewall Policy only. This includes TLS Inspection, IDPS, URL Filtering, Web categories, and more. Firewall Rules (Classic) continue to be supported and can be used for configuring existing features of Standard Firewall.  Firewall Policy can be managed independently or using Azure Firewall Manager. A firewall policy associated with a single firewall has no charge.

For more information, see the Azure Firewall Premium documentation

Bring cloud experiences to data workloads anywhere with Azure SQL enabled by Azure Arc

Customers can deploy cloud services on-premises and in multi-cloud environments—effectively modernizing in place by running Azure SQL on any infrastructure.

Cloud solutions that simplify the most complex hybrid data scenarios

Deploying cloud-based solutions to on-premises and multi-cloud environments helps deliver consistent, portable, and unified management across a company’s entire data estate. Customers are seeing improved productivity and operating efficiency by using hybrid technology to manage their data and app development at scale.

For example, SKF provides reliable rotation to industries all over the world, offering products and services around the rotating shaft including bearings, seals, lubrication management, artificial intelligence, and wireless condition monitoring. SKF has been on a journey to digitally transform the company’s backbone through harnessing the power of technology, interconnecting processes, streamlining operations, and delivering industry-leading digital products and services for customers. SKF uses Azure Arc, along with Azure Stack HCI and Azure SQL Edge, to scale solutions and standardize processes across their 91 manufacturing sites, resulting in 40 percent savings on hardware costs and 30 percent savings in OT-related machine downtime.

“SKF’s focus is on digitalizing all segments of the value chain and interconnecting them to unlock the full potential of digital ways of working for our business and customers. Azure Arc-enabled SQL Managed Instance is providing us worry-free and always up-to-date SQL operations. These types of services provide us a tremendous jumpstart into digitalization.”—Sven Vollbehr, Head of Digital Manufacturing, SKF

The “anywhere” solution for hybrid cloud applications

Beginning July 30, 2021, the general-purpose tier of Azure Arc-enabled SQL Managed Instance will be generally available, providing database-as-a-service (DBaaS) functionality on any infrastructure. Businesses will be able to deploy Azure SQL databases on any infrastructure and on any Kubernetes to:

  • Stay current with automated updates and deploy evergreen features and security updates to on-prem databases with no end-of-support.
  • Automate routine database administrator (DBA) tasks at scale with built-in management capabilities including high availability, backup, and restore.
  • Optimize data workload performance by bringing cloud elasticity on-premises for existing infrastructure, using only the resources needed to dynamically scale up, down, without application downtime.
  • Access Azure industry-leading security and governance capabilities for your on-premises data workloads using to protect your data.

New product features and capabilities will be rolled out on a continuous basis, and customers will be able to opt-in to preview additional Azure Arc-enabled services, such as PostgreSQL, and easily integrate as they become generally available. Additionally, customers will have the opportunity to test out future road map preview features and provide early feedback.

Develop breakthrough applications with our network of trusted partners

In support of Azure Arc-enabled data services’ general availability, Microsoft is announcing an expanded network of trusted partners and validated solutions to help customers get started.

Microsoft works closely with technology providers to validate popular platforms to work with Azure Arc, and our many service providers are here to provide customers with the latest innovations for hybrid data solutions on-premises or in multi-cloud environments.

Whether you are just getting started with migration and modernization efforts or in the middle of a multi-year digital transformation, our consulting services partners can help you choose the validated infrastructures and applications that are specifically configured and tested to work with Azure Arc.

Get started with Azure Arc-enabled data services

Get started with Azure Arc-enabled data services available in preview today. Starting July 30, 2021, Azure Arc-enabled SQL Managed Instance (general-purpose tier) will be generally available for customers to optimize their data workloads from cloud to edge.

Contact us to learn more on team@bpsme.com

Announcing pricing changes to Azure Sentinel and Azure Monitor Log Analytics to help you save costs

As a cloud-native SIEM, Azure Sentinel offers significant cost benefits. They have seen Azure Sentinel and the promise of cloud-native SIEM result in cost savings, both direct and indirect, for many of their customers. The 2020 commissioned Forrester Consulting Total Economic Impact™ of Microsoft Azure Sentinel study, for example, found that Azure Sentinel delivered a 48% reduction in costs compared to legacy SIEMs, saving on expenses like licensing, storage, and infrastructure costs.

Microsoft are pleased to announce changes to the pricing of Azure Sentinel and Azure Monitor Log Analytics that will offer you additional cost savings. These changes take effect on June 2.

The changes include:

New capacity reservation naming

Capacity reservations are now called commitment tiers. You will see this change reflected in your user interface, in documentation, as well as on Azure Sentinel and Azure Monitor pricing pages and in the pricing calculator.

New, higher commitment tiers

They are introducing new commitment tiers for both Azure Sentinel and Azure Monitor Log Analytics for higher data ingestion: 1 TB/Day, 2 TB/Day, and 5 TB/Day.

 

Changes to how we bill for data ingestion over your commitment tiers

They are also changing the way we bill for overage. Data ingested beyond your selected commitment tier will now be billed using the effective commitment tier rate, instead of the Pay-as-you-go rate, resulting in a lower bill.

For example, for Azure Sentinel in the East US region, if you are on a 500 GB/day commitment tier, you will now be billed for overage at $0.80/GB (i.e. the effective rate for that tier) instead of the $2/GB pay-as-you-go rate.

Simplification of commitment tiers

They are simplifying commitment tiers to make them easier to manage. You can now select from eight distinct commitment tiers, per your needs, and no longer need to manage tiers due to minor changes in data ingestion patterns.

As part of this change, any workspaces with commitment tiers greater than 500 GB/day will be reset to the lowest available commitment tier – 500 GB/day, 1 TB/day, 2 TB/day, or 5 TB/day. This change should lower your costs due to the lowered cost of overage.

For example, if you were previously on a 600 GB/day commitment tier, your commitment tier would now be to 500 GB/day. Due to the change in overage billing, on days when you ingest more than 600GB, you would get billed at the 500GB effective tier rate, and on days you ingest less than 600GB, you save money because you are at a lower commitment tier – saving you costs overall.

Learn More

We’re excited to help you save costs with these changes, and look forward to continuing to innovate with Azure Sentinel and Azure Monitor Log Analytics.

Improving the Business Continuity and Disaster Recovery posture of Azure VMs via a New added capability in Azure Site Recovery

Microsoft has lately announced a new capability in Azure Site Recovery to further improve the Business Continuity and Disaster Recovery posture of Azure VMs – in-line enablement of ASR at the time of VM creation.

This capability helps all Azure infrastructure customers avoid the hassle of separately configuring DR across regions (or zones) after the creation of VMs.

Microsoft recognizes that as the customers move and more business-critical applications to Azure, their resilience is of prime importance.

ASR is a key pillar of Microsoft’s resiliency offering, which allows customers to protect their Azure VMs against regional outages.

Previously, there was no seamless way to enable ASR during the creation of a VM. End customers had to follow through and execute a different workflow to protect the VM from regional (or zonal) outages after the VM was up and running.

With Microsoft latest release, now all end customers will be able to enable ASR while creating a VM. ASR will be one of the VM Management options alongside the ones currently available for configuration – Monitoring, Identity, and Backup, among others.

To get started, a customer can simply head over to the Azure portal. Go to ‘Virtual machines’ and click on ‘+ Add’. Go to the Management tab and select ‘Enable Disaster Recovery’ under ‘Site Recovery’. Make the relevant selections and proceed to create Azure VM. Once the VM is created, replication will be automatically enabled within a few minutes.

It shall be noted that so far, this offering is currently limited to Windows VMs and CentOS, Oracle Linux, and Red Hat Linux VMs. Microsoft also do not support zone to zone (in region) disaster recovery through the Create VM workflow currently.

Improving agility, performance, and resilience with new Azure infrastructure capabilities

As customers move beyond immediate crisis needs, such as enabling remote work, many are accelerating cloud adoption to increase competitive advantage and stay more digitally resilient. Enabling an agile, scalable, high-performing, and reliable infrastructure is critical to long-term success. Microsoft is committed to continuous innovation in Azure IaaS capabilities to help customers achieve these goals.

Microsoft is announcing new updates to the Azure infrastructure portfolio that help address a wide range of customer needs.

Increase agility with access to more choices and flexibility

Being responsive to rapidly changing business requirements is more important than it has ever been. Organizations need choices and flexibility in their cloud investments to stay agile. New innovations in Azure provide our customers with even more options, and these updates give customers the ultimate flexibility they need.

More options to run memory-intensive workloads. New Msv2 medium memory virtual machines (VMs), available in preview, enable customers to achieve up to a 20 percent increase in central processing units (CPU) performance and access up to 192 vCPU and 4TiB of memory. New Azure Dedicated Host stock keeping unit (SKUs), available soon in preview, let customers run a broader range of memory-intensive workloads in a single-tenant, hardware-isolated environment.

Simplified acquisition of compute capacity at deep discounts. New Azure Spot Virtual Machines (Spot VMs) features, in preview, help customers drastically improve the overall runtime of scale-out apps by letting Azure try and redeploy previously evicted Spot VMs as part of a scale set. Customers can also simulate evictions to test app behavior to ensure tolerance to interruptions.

More options to scale hybrid and edge deployments. The integration of VMware SD-WAN and the Azure Virtual WAN hub, available in preview, allows customers to easily connect branch offices and remote locations to Azure through VMware SD-WAN and take advantage of a complete Secure Access Service Edge solution. Azure Route Server—now in preview, helps customers streamline operations between any networking appliance and Azure’s virtual network by facilitating dynamic routing.

New capabilities to manage Linux environments. Last fall, Microsoft launched Azure Automanage to help customers greatly simplify Windows virtual machine management in Azure. We are now extending Azure Automanage capabilities to Linux Virtual Machines, giving customers the convenience to manage Windows and Linux VMs through one control plane. Additionally, the preview of Azure native integration with Elastic allows customers using Elastic services on Azure to access integrated billing, full technical support, and Azure portal integration.

Scale business-critical apps and improve performance

Many customers are migrating to the cloud to scale their most demanding workloads to achieve efficiency and performance gains. Azure offers one of the fastest networks with the broadest global footprint, enabling customers to build and deploy apps anywhere. They continue to innovate and make it easier for customers to increase workload scale and performance.

Simplified network resource distribution with new Azure Load Balancing capabilities. The new Azure Load Balancing selection tool, now in preview, offers customers guidance to choose the right services based on their workloads and requirements. They’re also increasing flexibility to load balance across IP addresses with Azure Load Balancer, now generally available.

More options to scale deployments with new Azure Virtual Machine Scale Sets features. Customers can simplify application deployment, management, and scalability while improving uptime with the recently introduced flexible orchestration mode. Customers can also gain greater operational agility by changing virtual machine sizes without redeploying the scale set and optimize costs by mixing Spot VMs and pay-as-you-go virtual machines within the same scale set.

Scaling disk performance with new performance tiers on premium SSDs. With the new capability in preview, customers can sustain a higher level of performance for planned events, such as a seasonal promotion, and change performance tiers without disruption to their workloads.

Strengthen business continuity with new reliability and security enhancements

Azure provides built-in high-availability and disaster recovery options to ensure maximum resilience for all workloads. We continue our infrastructure investments, including expanding our already leading number of regions and availability zones and are launching new services to keep apps and data resilient and secure on Azure.

Improving high availability with new on-demand capacity reservations. On-demand capacity reservations, now in preview, enable customers to reserve compute capacity for one or more virtual machine size in an Azure region or Availability Zone for any length of time. Customers can also combine capacity reservations with Reserved Virtual Machine Instances to greatly reduce costs.
Increasing workload portability and availability. Azure Resource Mover, now generally available, lets customers seamlessly move resources between public Azure regions. Customers can also increase workload availability with protection in the event of a zone failure with Zone Redundant Storage support for Premium and Standard SSDs, available in preview.

Built-in backup management at scale with Azure Backup Center. Azure Backup Center, now generally available, supports all Azure-based workloads supported by Azure Backup and offers new Azure policies to deploy backups at scale based on resource groups and tags.

Protection for data-in-use with Azure Confidential Computing. Customers can harden workloads and protect against malicious attacks with Trusted Launch for all Azure Virtual Machines, available in preview. They’re also safeguarding sensitive data in Azure with the preview of SQL Always Encrypted secure enclaves and enabling secure orchestration of confidential containers on Azure Kubernetes Service, now generally available.

Protection for apps and data with auto-key rotation. With the preview of the new feature, customers can automatically update all disks, snapshots, and images, and ensure their data is always secured with the latest encryption key.

Accelerate cloud migration with confidence

Microsoft and BPS will help customers accelerate cloud migration with first-class migration tooling, support, skilling, and resources. New capabilities are continuously being added to Azure Migrate.

Centralized migration across all infrastructure, apps, and data. With new features in Azure Migrate, customers can now assess SQL Server estates with the preview of discovery and assessment for SQL Server migration to Azure SQL.

Additional new features include the general availability of PowerShell support for migration of VMware virtual machines and the preview of a new app containerization tool allowing customers to migrate .NET and web apps to Azure Kubernetes Service.