Posted by: kurtsh | September 1, 2023

RELEASE: “Group Policy Analytics Tool” for Microsoft Intune

imageWanna get off of Group Policy & on-prem configuration policy management?

Is your GP a mess & are you constantly running GPResults cuz you don’t know how GPOs are going to impact your users & devices? Smile 

Are you looking to move to cloud-based Intune policy to eliminate the need corpnet or VPN connectivity to apply policies?

The Group Policy analytics tool can help you overcome these challenges by providing:

  • A detailed report for each GPO that shows you the settings, conflicts, usage, and Intune equivalent policy (if one exists).
  • A migration tool that lets you export your GPO settings to Intune policies and apply them to your devices.

You can use Group Policy analytics to import, analyze, and migrate GPOs and their settings.  Read about it and the “Group Policy Migration Readiness” report here:

Comments Off on RELEASE: “Group Policy Analytics Tool” for Microsoft Intune

Posted in Uncategorized

Posted by: kurtsh | August 29, 2023

HOWTO: Obtain a Microsoft Unified Enterprise Support Plan

imageAre you looking for:

  1. SUPERVISION: Directly-supervised case during Critical Situations & issues of the highest severity
  2. ESCALATION: Managed escalation for matters that increase in urgency or need increase attention
  3. SECURITY 911: Immediate assistance during breaches, compromises, ransomware, DDOS attacks & other cybersecurity incidents
  4. RESPONSE TIMES: Documented & defined Service Response Times
  5. ADVISORY: Expert technical assistance & guidance for deployments, configurations
  6. TROUBLESHOOTING: 24/7 technical support for all cloud & software product solutions from Microsoft
  7. TRAINING: Unique, one-of-a-kind workshops from a catalog of over 500 course offerings, available in-person or virtually from experienced support engineers
  8. ENHANCED SUPPORT: Access more than 8 add-on support services for differing needs including
        1. Designated Engineering
        2. Mission Critical Support
        3. Enhanced Response
        4. Developer Support
        5. Office 365 Engineering Direct
  9. ENGINEERING ACCESS: Cases may be escalated to product engineering for review when the issue is confirmed to be a product issue by support
  10. CHANGE REQUESTS: “Design change requests” may be submitted to engineering for missing functionality
  11. ROOT CAUSE: Analysis reports are generated to share with exec management to understand root cause & what is being done to prevent the issue from happening in the future
  12. PROACTIVE ASSISTANCE: Accelerate the progress of IT staff-led Microsoft projects with expert support engineering assistance through a catalog of over 1000+ Unified Proactive offerings.

If this sounds like what you’re interested in, you’re looking to enroll in Microsoft Unified Enterprise Support.  Support agreements start at $50K for existing Microsoft customers with Master Business Agreements.

Contact your Microsoft Account Executive to be put in touch with a Microsoft Services Executive to discuss Unified Enterprise Support.

Read more about Unified Enterprise support below.

Comments Off on HOWTO: Obtain a Microsoft Unified Enterprise Support Plan

Posted in Uncategorized

Posted by: kurtsh | August 23, 2023

EVENT: “Surface Event” – Sept 21, 2023

imageComing Sept 21, 2023:

"…my sources say to expect a new Surface Laptop Studio 2, Surface Laptop Go 3, and Surface Go 4 for the main highlights."

Comments Off on EVENT: “Surface Event” – Sept 21, 2023

Posted in Uncategorized | Tags: , ,

Posted by: kurtsh | August 23, 2023

DOWNLOAD: Azure Governance Visualizer (AzGovViz)

imageAzure Governance Visualizer (AzGovViz) is a PowerShell script that iterates through an Azure tenant’s management group hierarchy down to the subscription level.   You can run the script either for your Tenant Root Group or any other Management Group.

By polling Azure ARM, Storage and Microsoft Graph APIs, the script captures data from the most relevant Azure governance capabilities such as:

  • Azure Policy
  • Azure role-based access control (Azure RBAC)
  • Azure Blueprints

From the collected data, the visualizer shows your hierarchy map, creates a tenant summary, and builds granular scope insights about your management groups and subscriptions.

Do you want to get granular insights on your technical Azure Governance implementation? – document it in CSV, HTML, Markdown and JSON? Azure Governance Visualizer is a PowerShell based script that iterates your Azure Tenant´s Management Group hierarchy down to Subscription level. It captures most relevant Azure governance capabilities such as Azure Policy, RBAC and Blueprints and a lot more. From the collected data Azure Governance Visualizer provides visibility on your HierarchyMap, creates a TenantSummary, creates DefinitionInsights and builds granular ScopeInsights on Management Groups and Subscriptions. The technical requirements as well as the required permissions are minimal.

The visualizer provides a holistic overview of your technical Azure Governance implementation by connecting the dots.

Comments Off on DOWNLOAD: Azure Governance Visualizer (AzGovViz)

Posted in Uncategorized

Posted by: kurtsh | August 15, 2023

INFO: Obtaining Windows/SQL Server 2012/R2 Extended Security Updates

If you have Windows Server 2012/R2 or SQL Server 2012/R2 still deployed on-prem and plan on purchasing Extended Security Updates, there are new Windows Server/SQL Server 2012/R2 Extended Security Update “subscription SKUs” coming out on September 1st, which incorporate Azure Arc.

This will be the only way to obtain Extended Security Updates for either product.  These SKUs will be monthly subscriptions:

REQUIREMENTS:
In order to purchase the NEW ESUs, you must have Software Assurance through Volume Licensing Programs such as an Enterprise Agreement (EA), Enterprise Agreement Subscription (EAS), Enrollment for Education Solutions (EES), or Server and Cloud Enrollment (SCE).

These NEW SKUs replace the old Volume License Service Center (VLSC) licensed Windows/SQL Server ESU SKUs. Customers can no longer subscribe to the old ESU SKUs unless they cannot use Azure Arc. Customers without Azure enrollments will be required to get them to deploy Azure Arc & subscribe to ESUs.  The old VLSC ESU SKUs will not listed on any price sheet for purchase.

ADDITIONAL REFERENCES:

Comments Off on INFO: Obtaining Windows/SQL Server 2012/R2 Extended Security Updates

Posted in Uncategorized

Posted by: kurtsh | August 15, 2023

NEWS: "Microsoft AI tool reveals swath of devastation from Maui wildfire" – Geekwire

imageMicrosoft researchers used AI to assist the American Red Cross in analyzing maps of Lahaina, Maui to identify damage to buildings.  “This is critical because they need to understand where to send people, which areas need to [be] prioritized, which part are they not considering,” according to Chief Scientist for Microsoft AI for Good, Juan M. Lavista Ferres:

Our hearts go out to the residents of Maui in the wake of this week’s devastating storm and wildfires. Microsoft is working with the American Red Cross and Planet on a preliminary assessment of the damage in Lahaina in order to help first responders and relief organizations in their critical work.

We have run our damage assessment AI models on the satellite images we received from Planet and have maps of the affected buildings. If your organization would benefit from the underlying data in this report—please contact me. We are committed to sharing this information in support of the response efforts.

There are a total of 2,810 buildings in the study area. Out of these, we estimate that at least 1722 buildings were damaged.

  • 1,088 are between 0 and 20% damaged.
  • 110 are between 20-40% damaged.
  • 169 are between 40-60% damaged.
  • 238 are between 60-80% damaged.
  • 1,205 are between 80-100% damaged

Please note: Our AI model determines if a building has been affected based on satellite imagery. While we strive for accuracy, satellite data has its limitations. The provided maps should be used as a preliminary reference and verified on the ground for a comprehensive assessment.

Read more here:

Comments Off on NEWS: "Microsoft AI tool reveals swath of devastation from Maui wildfire" – Geekwire

Posted in Uncategorized

Posted by: kurtsh | August 15, 2023

RELEASE: Active Directory Certificate Services (AD CS) sensor for Defender for Identity

imageDefender for Identity (MDI) is introducing a new sensor type for Active Directory Certificate Services (ADCS).

  • AD CS is a Windows Server role that issues and manages public key infrastructure (PKI) certificates in secure communication and authentication protocols.
  • AD CS can be part of a domain controller, in which case, no extra actions are needed. However, if your AD CS is on it’s own server, you must make sure that events are being collected from that server.

If your sensor is installed on a domain controller with AD CS, you’ll view additional security content, such as related alerts and Secure Score reports.

Read more at:

Comments Off on RELEASE: Active Directory Certificate Services (AD CS) sensor for Defender for Identity

Posted in Uncategorized

Posted by: kurtsh | August 14, 2023

RELEASE: Azure Storage ”Cold” Access Tier

imageWe released a “less expensive” storage tier called “Cold tier” – which is approaches the costs of our lowest cost offering, “Archive Tier”, for folks retaining data in Azure Storage that needs to be accesses a few times a year & has a data read & data retrieval costs that aren’t exorbitant.

Cool/Cold is good for folks that know they’ll definitely need to pull data a handful of times during the year – and not just store the data for retention/compliance reasons.  Read more about the differences here: “Access tiers for blob data – Azure Storage”.

Here’s the announcement:

Azure Blob Storage Cold Tier is now generally available. It is a new online access tier that is the most cost-effective Azure Blob offering for storing infrequently accessed data with long-term retention requirements, while providing instant access.

Azure Blob Storage is optimized for storing massive amounts of unstructured data. With blob access tiers, you can store your data most cost-effectively based on how frequently it will be accessed and how long it will be retained.

The pricing of the cold tier storage option lies between the cool and archive tiers, and it follows a 90-day early deletion policy. You can seamlessly utilize the cold tier in the same way as the hot and cool tiers, through REST API, SDKs, tools, and lifecycle management policies.

Refer to the blog and documentation for additional details. You can find pricing information on the Azure Blob

GENERAL SUMMARY:
To quote, our docs, “Data in the cool and cold tiers have slightly lower availability, but offer the same high durability, retrieval latency, and throughput characteristics as the hot tier.

For data in the cool or cold tiers, slightly lower availability and higher access costs may be acceptable trade-offs for lower overall storage costs, as compared to the hot tier. For more information, see SLA for storage.”

Cost differences are:

  • Cold storage capacity cost is ~80% less than the cost of Hot, ~50% less than the cost of Cool
  • Cold storage write operations cost 4x the cost of Hot, 2x the cost of Cool
  • Cold storage read operations cost 26x the cost of Cool, 10x the cost of Cool
  • Cold storage data retrieval cost is 3x the cost of Cool

EXAMPLE:
For example, charges for 100TB of Azure Storage in WestUS 2: (According to https://aka.ms/pricing)

  • Capacity:
        • Hot $1800/mo
        • Cool $1000/mo
        • Cold $400/mo
        • Archive $100/mo
  • Writes/10000 operations:
        • Hot $.065
        • Cool $1.30
        • Cold $2.34
        • Archive $1.30
  • Reads/10000 operations:
        • Hot $.05
        • Cool $.13
        • Cold $1.30
        • Archive $65.00 or $650.00 (High priority)
  • Data Retrieval
        • Hot N/A
        • Cool $10/TB
        • Cold $30/TB
        • Archive $20/TB or $100/TB (High priority)

Here’s our recent posts about the NEW Cold access tier for Azure Storage:

Comments Off on RELEASE: Azure Storage ”Cold” Access Tier

Posted in Uncategorized

Posted by: kurtsh | August 8, 2023

BETA: Copilot in Microsoft Cost Management

Use generative AI to keep costs under control. See how Copilot in Microsoft Cost Management helps you get insights and recommendations for cost savings in the cloud.

VIDEO SYNOPSIS:
Reduce unpredictability of operational costs with visibility into workload-related spend using AI chat in Microsoft Cost Management. See spending patterns and anomalies that drive up costs, set budgets, share workload costs across teams and business units, and identify opportunities for optimization.

DOCS: Understand and optimize your cloud costs with AI-powered functionality in Cost Management

▫️https://aka.ms/MCM-AIPreview

Comments Off on BETA: Copilot in Microsoft Cost Management

Posted in Uncategorized

Posted by: kurtsh | August 8, 2023

INFO: Microsoft’s Internal Security on its transition to Microsoft Sentinel

Our Inside Track series recently wrote about Microsoft’s own transition to using Microsoft Sentinel for it’s Enterprise SIEM.

Architecture for the new SIEM solution using Microsoft Sentinel.

We recently implemented Microsoft Sentinel to replace a preexisting, on-premises solution for security information and event management (SIEM). With Microsoft Sentinel, we can ingest and appropriately respond to more than 20 billion cybersecurity events per day.

Microsoft Sentinel supplies cloud-scale SIEM functionality that allows integration with crucial systems, provides accurate and timely response to security threats, and supports the SIEM requirements of our team.

The article goes over the anticipated value add from the new cloud-based solution, the design, architecture & implementation, the resulting experience. There are also links to operational documentation from the Microsoft Security team.

✅ Moving to next-generation SIEM at Microsoft with Microsoft Sentinel: https://www.microsoft.com/insidetrack/blog/moving-to-next-generation-siem-at-microsoft-with-microsoft-azure-sentinel/

Comments Off on INFO: Microsoft’s Internal Security on its transition to Microsoft Sentinel

Posted in Uncategorized

« Newer Posts - Older Posts »

Categories