Microsoft Azure Tuesday released new hybrid migration, data, security and compliance, and developer offerings aimed at helping the No. 2 cloud provider’s customers on their journeys to the cloud.
The products and services include the next generation of Azure Stack HCI, new Azure Migrate features and Azure Lighthouse security enhancements, and third-party connectors for Azure Sentinel, Microsoft’s security information and event management (SIEM) offering.
They were unveiled as the Microsoft Inspire 2020 partner conference got under way as a free digital-only event necessitated by the coronavirus (COVID-19) pandemic.
“Partners have always been important to help customers transform their IT estates and businesses, and we are committed to delivering technology to give partners the power to build innovative products and services that enable virtually any scenario or function for any customer anywhere,” said Arpan Shah, a general manager on the Azure team who leads product marketing for Azure infrastructure.
The next generation of Azure Stack HCI is the latest member of Microsoft‘s hybrid cloud portfolio. “Our approach with hybrid software is to offer solutions that meet our customers’ specific needs, whether they face business, regulatory or technical requirements that demand a hybrid environment,” Shah said. “With Azure Stack HCI, we are offering HCI as an Azure service that gives our partners an easy and fast way to integrate their customers’ infrastructure, from data center to Azure.”
Other new releases will give customers more choice and flexibility and make its partner technology more accessible, according to Shah.
“We have some new partner offerings available, including the GA [general availability] of a new supported distribution of Apache Hadoop for distributed processing and analysis of big data sets on clusters, as well as the GA of HashiCorp Consul Service on Azure,” he said.
Microsoft also unveiled an expansion of its partnership with SAP to help joint customers design and operate intelligent digital supply chain solutions in the cloud and on the edge.
Read on to find out more about the new Azure products and services, which include the preview of Azure Data Factory’s Managed Virtual Network (VNet) support, Azure Blob Storage updates and two more Cloud Practice Development Playbooks.
Next Generation Of Azure Stack HCI
Microsoft unveiled its next generation of Azure Stack HCI, an Azure service that combines the price-performance of hyperconverged infrastructure (HCI) with native Azure hybrid capabilities. The hyperconverged Windows Server 2019 cluster uses validated hardware to run virtualized workloads on-premises, enabling customers to consolidate aging infrastructure and connect to Azure for cloud services.
The newest version of Azure Stack HCI, a native and fully integrated Azure service now in public preview, includes security, performance and hybrid improvements.
“It delivers an integrated management and operations experience with Azure, allowing customers to manage Azure Stack HCI deployments and Azure resources side by side, right from the Azure portal,” Talal Alqinawi, Microsoft’s senior director of Azure marketing, said in a blog post. “Customers can monitor multiple clusters at scale and even view and manage virtual machines [VMs] running on Azure Stack HCI, taking advantage of Azure Arc.”
Microsoft included a new deployment wizard to quickly set up an Azure Stack HCI cluster and connect to Azure to take advantage of Azure Stack HCI native integration with core Azure services including Azure Backup, Azure Security Center and Azure Monitor. Other new features are no-cost extended security updates for Windows Server 2008 VMs running on Azure Stack HCI, and stretch cluster to easily extend a cluster from a single site to multiple sites for native high availability and disaster recovery, according to Alqinawi.
Microsoft also is offering the ability to run Azure Stack HCI on existing hardware if it matches Microsoft’s validated node solution.
“We believe this is an important new change for customers to get the most value out of their current hardware investment,” Alqinawi said.
Azure Stack HCI can be leveraged in a variety of use cases to modernize data centers with high-density virtualization and storage.
“This is an ideal solution for organizations that want to reduce their data center costs, especially for legacy hardware or SAN environments with modern hyperconverged infrastructure, through both the savings in Opex and efficiencies gained by centrally managing from Azure,” Alqinawi said.
Azure Stack HCI’s flexible, per-core subscription model allows customers to optimize cost based on their needs, according to Alqinawi.
“We give customers the flexibility to run small deployments like remote and branch offices or scale to data center-grade deployments,” he said.
Alqinawi used a branch-office scenario as an example. For an eight-core server with less than 16 VMs, the up-front cost for Azure Stack HCI is 2.5X less expensive than other HCI offerings on the market, he said.
Early benchmarking shows Azure Stack HCI IOPs (input/output operations per second) in the 13 million-plus range and over 1 million requests per second for TPC-c SQL server workloads, both in line with industry-leading performance, according to Alqinawi.
“We are working with partners to bring Azure Stack HCI to a broad range of validated hardware solutions that meet our customer needs,” he said. “These validated solutions are based on standardized reference architecture that are supported by Microsoft and our hardware partners.”
Azure Stack HCI integrated systems—which offer an appliance-like deployment experience with factory-preinstalled bits enabling easy deployment and integrated updates across the full stack of firmware, drivers, agents and the operating system—is a new purchasing option.
Lenovo is one of the first partners to deliver Azure Stack HCI integrated systems by bringing Azure Stack HCI to its server and software-defined portfolios, including its ThinkAgile MX1021 edge server platform.
Azure Lighthouse Security Features
New additions to Azure Lighthouse include multifactor authentication and privileged identity management support for just-in-time access.
Azure Lighthouse, which Microsoft made generally available last July during Microsoft Inspire 2019, offers service providers a single control plane to view and manage Azure across all customers with higher automation, scale and enhanced governance.
In answer to partner requests, Azure Lighthouse now will allow partners to reduce risk from standing elevated access, strengthen authentication methods and match customers’ compliance and risk management requirements, according to Microsoft.
Role-based access control (RBAC) for partners now can be permanent or eligible, and it can be achieved by adding a few parameters to the ARM template file that customers use to on-board to Azure Lighthouse. Partners can elevate access to a privileged (built-in RBAC) role for a shorter period for management tasks in their customer’s tenant, and they can support customers without needing a permanent level of higher access.
Microsoft Azure Sentinel Third-Party Connectors
The shift to remote work amid the coronavirus pandemic has increased the need for organizations to re-evaluate their security and risk management practices, according to Alym Rayani, a senior director of security and compliance solutions at Microsoft.
“With employees accessing corporate data at times on home computers or sharing and collaborating in new ways, organizations could be at greater risk for data leak or other risks,” he said.
Microsoft saw 89 percent of customers move most of their employees to remote working during the pandemic, according to Rayani. Only 54 percent of chief information security officers said their operational resilience plans prepared them adequately for the crisis.
“With security threats becoming more daunting and sophisticated, and regulatory requirements more prevalent, the need for skilled security compliance consultants, architects and state-of-the-art managed services is more essential than ever before,” Rayani said.
Microsoft unveiled new third-party connectors for popular security offerings for Microsoft Azure Sentinel. The scalable, cloud-native, security information and event management (SIEM) and security orchestration automated response (SOAR) solution, which launched last year, helps collect security data across an entire hybrid organization, including devices, users, applications, servers and any cloud.
“Using these data sources, you can build a more complete picture of the threats that your organization faces, conduct deep threat hunts across your environment and use the power of automation and orchestration in the cloud to help free up your security analysts to focus on their highest-value tasks,” Rayani said.
The new third-party connectors, which have sample queries, dashboards and analytics, help collect security data, detect and respond to threats, and provide immediate security insight across partner solutions, including networks, firewalls, endpoint protection and vulnerability management. Third-party connectors are available for Alcide kAudit (Kubernetes logs), Vectra AI, Perimeter 81 (activity logs), Symantec Proxy SG, Symantec VIP, Pulse Connect Secure, Infoblox NIOS, Proofpoint TAP, Qualys VM, VMware Carbon Black, Okta SSO and RiskIQ (Azure Logic Apps custom connector).
New Azure Migrate Features
Microsoft introduced new enhancements to Azure Migrate, its central hub of Azure cloud migration services and tools to discover, assess and migrate workloads to the cloud.
A new feature allows customers to conduct richer data center assessments. It includes the ability to import and create assessments using uploaded Configuration Management Database data, along with support for Azure VMware Solutions assessments and app compatibility, which now is in public preview.
Azure Migrate advanced specializations, training and support for PowerShell, a cross-platform task automation and configuration management framework consisting of a command-line shell and scripting language, are now generally available.
Azure disks and networking enhancements also have been added to meet requirements for some critical workloads. They include shared disks for Azure Disk Storage, private links for exporting and importing data securely over a private network and support for third-party virtual appliances within virtual wide-area network hubs, including Barracuda.
Microsoft Expands SAP Partnership
Microsoft is expanding its partnership with SAP to help joint customers design and operate intelligent digital supply chain solutions in the cloud and on the edge.
Customers will be able to use SAP digital supply chain offerings—including those for digital manufacturing, SAP Intelligent Asset Management, SAP Integrated Business Planning and SAP supply chain network offerings—through a Software-as-a-Service (SaaS) model on the Microsoft Azure cloud.
“The offering reduces the customer’s need to manage the software and underlying infrastructure, and it accelerates time to value of their supply chain applications,” Microsoft said. “Customers will be able to scale globally using the Azure data centers, which offer enterprise-grade compute, storage and network services to support mission-critical performance and business continuity.”
Microsoft also will make SAP services available on Microsoft Azure Stack Edge, beginning with SAP Digital Manufacturing Cloud.
“By extending the Azure cloud capabilities to the edge with Azure Stack Edge, businesses will also be able to manage SAP solutions locally across their factories and warehouses to drive immediate decision-making and actions,” Microsoft said.
SAP offferings for digital manufacturing and SAP Intelligent Asset Management are available now, and more are expected to be introduced later this year.
Supported Distribution Of Apache Hadoop
Microsoft’s supported distribution of Apache Hadoop, the original open-source framework for distributed processing and analysis of big data sets on clusters, is now available and is fully open source and compatible with the latest version of Hadoop.
The supported distribution allows users to provision a new HDInsight cluster based on Apache code that is built and wholly supported by Microsoft. Customers will be migrated automatically to the supported distribution.
Azure Blob Storage Updates
Last access for Azure Blob Storage, a service for storing large amounts of unstructured object data, such as text or binary data, now is in public preview. Last access provides customers improved visibility into their data, including how often it gets accessed, and will help customers manage their data life cycles based on access time.
Customers also can use last access time, a new system metadata available to independent software vendor partners to make placement and retention decisions for their data.
In addition, Azure Blob Storage now supports Network File System (NFS) 3.0 for read-heavy data workloads for media, energy and financial services customers. The upgrade, which is in public preview, helps remove data silos and run applications at scale by serving as the only storage platform that supports NFS protocol over objects with object storage economics, according to Microsoft.
Azure Data Factory Feature Preview
Customers can increase security and limit internet exposure with Azure Data Factory’s Managed Virtual Network (VNet) support. Now in preview, it secures the connection between Azure Data Factory—Azure‘s cloud extract, transfer and load (ETL) service for scale-out serverless data integration and data transformation —and Platform-as-a-Service data (PaaS) stores in Azure, providing an isolated, secure environment to run data-integration pipelines.
Azure Integration Runtime in the Managed VNet environment can privately connect to Azure PaaS data store by using Azure Private Link, which simplifies the network architecture and limits exposure to the internet.
GA Of HashiCorp Consul Service On Azure
San Francisco’s HashiCorp announced the general availability of HashiCorp Consul Service (HCS) on Azure, a fully managed service that allows customers to natively provision HashiCorp-managed Consul clusters directly through their Azure dashboard in multiple Azure regions.
“HCS on Azure provides a simple, safe and secure service-networking solution, so customers can easily conduct service discovery, service segmentation and service mesh across a mix of virtual machines, hybrid, on-premises and Kubernetes environments, while offloading the operational burden to HashiCorp,” Microsoft said. “This reduces complexity for customers and enables them to focus on cloud-native innovation.”
HCS, which was launched in private beta last September, will be generally available this Thursday in multiple Azure cloud regions in the U.S., Europe and Asia through the Azure Marketplace.
Two New Cloud Practice Playbooks
Microsoft has published two additions to its series of Cloud Practice Development Playbooks, which were introduced in 2017 and are written by Microsoft and partners.
The Microsoft Azure Center of Excellence Playbook outlines how partners can grow an Azure-focused practice, while the App Innovation Practice Development Playbook details the customer demand for cloud-based applications and how partners can be successful using Microsoft technology and programs to create and deliver application development services and intellectual property. Designed for use by partners, both are available starting Tuesday.
Microsoft currently has 11 other playbooks that serve as blueprints for partners to build their cloud businesses: the IoT Practice Playbook, AI Practice Development Playbook, Data Platform and Analytics Playbook, Cloud Migration and Modernization Playbook, Cloud Operations and Management Playbook, Cloud Infrastructure Playbook, Business Applications Playbook, Security Practice Development Playbook, Grow Your ISV Business With SaaS Playbook, the Teams Practice Development Playbook, and Recruit, Hire, Onboard and Retain Talent Playbook.