mountainss Cloud and Datacenter Management Blog

Microsoft SystemCenter blogsite about virtualization on-premises and Cloud


Leave a comment

#Microsoft Windows Server Summit 2018 on June 26 #Winserv #WindowsAdminCenter #Containers #WindowsServerSummit

Microsoft Windows Admin Center

Join Microsoft Windows Server Summit on June 26, 2018

Join Microsoft on Tuesday, June 26, 2018 for a virtual experience to learn tips and tricks for modernizing your infrastructure and applications—regardless of whether you’re running Windows Server on-premises or in the cloud.

Here you find more Microsoft Information about the Windows Server Summit 2018


Windows Admin Center Rocks

#MVPbuzz


Advertisements


Leave a comment

Protect your #HyperV Virtual Machines from Windows Admin Center with #Azure Site Recovery #WAC #ASR


Windows Admin Center is an evolution of Windows Server in-box management tools; it’s a single pane of glass that consolidates all aspects of local and remote server management. As a locally deployed, browser-based management experience, an Internet connection and Azure aren’t required. Windows Admin Center gives you full control of all aspects of your deployment, including private networks that aren’t Internet-connected.

You can download Microsoft Windows Admin Center from here


Windows Admin Center supports several optional features that integrate with Azure services. Use the following information to configure the Windows Admin Center gateway to support these Azure integration features.  Configuring Azure Integration in WAC

When you have Azure integration in place with Microsoft Windows Admin Center you can use Azure Site Recovery (ASR).
Azure Site Recovery is an Azure service that replicates workloads running on VMs so that your business-critical infrastructure is protected in case of a disaster. Learn more about Azure Site Recovery

Protect your Hyper-V Virtual Machines from Windows Admin Center with Azure Site Recovery

.Use the following information to configure replication settings and create a recovery plan from within the Azure portal, enabling Windows Admin Center to start VM replication and protect your VMs.

 

Follow Jeff Woolsey Principal Program Manager Windows Server / Hybrid Cloud

Windows Admin Center Just Rocks also for our PowerShell Administrators 😉

Start Today with Windows Admin Center

#MVPbuzz


Leave a comment

#Microsoft Introduction to Windows Admin Center #Winserv #Windows10 #Azure #hyperv #AzureStack

Microsoft is introducing the New Windows Admin Center ( former Project Honolulu )

Last weekend I made my MVPLAB.LOCAL domain with Project Honolulu version 1803 and Windows Server Insider version.

I Made my Domain controller first and later a Cluster with the Windows Server Insider Build version 17639

With Microsoft Windows Admin Center it’s great to manage Windows Server Core version Servers, you got a great GUI interface and you still have a small footprint for your Server OS with Core 🙂

Windows Admin Center is a new, locally-deployed, browser-based management tool set that lets you manage your Windows Servers with no Azure or cloud dependency. Windows Admin Center gives you full control over all aspects of your server infrastructure and is particularly useful for managing servers on private networks that are not connected to the Internet.
Windows Admin Center is the modern evolution of “in-box” management tools, like Server Manager and MMC. It complements System Center and Operations Management Suite – it’s not a replacement.

Architecture

In my MVPLAB.LOCAL I was busy to make a Gateway to Azure for Hybrid Cloud Management :

But with the Microsoft announcement of Windows Admin Center version 1804 yesterday, I will Upgrade my MVPLAB 😉

Download Windows Admin Center here


Leave a comment

UPDATE on Project Honolulu with Jeff Woolsey @WSV_GUY #Winserv #Hyperv #Azure

In this episode, Microsoft takes a look at updates to Project Honolulu and PowerShell Core to manage your server infrastructure. Jeff Woolsey explains the updates IT pros will want to know about and demonstrates what’s new in Project Honolulu – including Remote Desktop Protocol, Windows client management and PowerShell support. Speaking of PowerShell, Jeff also shows how everything has evolved to PowerShell Core, so you can manage your Windows and Linux workloads from one unified scripting place. You’ll even see how with a single cmdlet, you can talk to both Windows and Linux machines and get cross-platform joined outputs.

More information about Microsoft Project Honolulu

Project Honolulu is a flexible, lightweight browser-based locally-deployed platform and a solution for management scenarios. One of Microsoft goals with Project Honolulu is to make it simpler and easier to connect existing deployments of Windows Server to Azure services. With Windows Server 2019 and Project Honolulu, customers will be able to easily integrate Azure services such as Azure Backup, Azure File Sync, disaster recovery, and much more so they will be able to leverage these Azure services without disrupting their applications and infrastructure.

Introducing Windows Server 2019 – now available in preview

Evaluate Project Honolulu


Leave a comment

What is New in Microsoft System Center version 1801 #Sysctr #SCOM #SCVMM #SCDPM

What is New in Microsoft System Center Virtual Machine Manager version 1801 ?

  • Nested virtualization
  • Migration of VMware VM (EFI firmware-based VM) to Hyper-V VM
  • Performance improvement in host refresher
  • Enhanced console session in VMM

Networking :

Security :

Azure Integration :

SCVMM 1801 supports management of ARM-based VMs, Azure Active Directory (AD) based authentication that is created by using the new Azure portal and region-specific Azure subscriptions (namely, Germany, China, US Government Azure regions).

Download here System Center Virtual Machine Manager version 1801 VHD

What is New in System Center Data Protection Manager version 1801 ?

The following features are either new to DPM, or are improved for DPM 2016.

Modern Backup Storage – Using Resilient File System (ReFS) block-cloning technology to store incremental backups, DPM 2016 dramatically improves storage utilization and performance. The storage consumed by backups grows and shrinks with the production data source, and there is no over-allocation of storage.
Resilient change tracking (RCT) – DPM uses RCT (the native change tracking in Hyper-V), which removes the need for time-consuming consistency checks. RCT provides better resiliency than the change tracking provided by VSS snapshot-based backups. DPM also uses RCT for incremental backup. It identifies VHD changes for virtual machines, and transfers only those blocks that are indicated by the change tracker.
Continued protection during cluster aware updates – Windows Server 2016 comes with the cluster OS rolling update, where a cluster can be upgraded to Windows Server 2016 without bringing it down. DPM 2016 continues to protect VMs during the upgrade, maintaining the backup service level agreement (SLA).
Shielded VM Backups – Shielded VMs in Windows Server 2016 help protect sensitive VMs from inspection, tampering, and data theft by malware and malicious administrators. DPM 2016 backups retain the protections provided by shielded VMs to ensure they can be recovered seamlessly and securely.
Hyper-V with Storage Spaces Direct – DPM recognizes and protects Hyper-V VMs deployed on Storage Spaces Direct, delivering seamless backup and recovery of VMs in disaggregated and hyper-converged scenarios.
Hyper-V with ReFS SOFS Cluster – DPM 2016 can back up Hyper-V VMs deployed on ReFS-based SOFS clusters. Backup and recovery of RCT-based VMs and non-RCT VMs is supported.
Upgrading a DPM production server to 2016 doesn’t require a reboot – When you upgrade to DPM 2016, you are not required to reboot the production server. To avoid rebooting the production server, upgrade to DPM 2016 and upgrade the DPM agent on the production servers. Backups continue and you reboot the production server when you want.

DPM to Azure Backup Vault.

Download here System Center Data Protection Manager version 1801 VHD

What is New in System Center Operations Manager version 1801 ?

  • Enter product key from the Operation Console
  • Linux monitoring
  • Improved HTML5 dashboarding experience
  • System Center Visual Studio Authoring Extension (VSAE) support for Visual Studio 2017
  • Enhanced SDK Client performance
  • Updates and recommendations for third-party Management Packs
  • Linux Kerberos support
  • Service Map integration

Microsoft Service Map automatically discovers application components on Windows and Linux systems and maps the communication between services. It automatically builds a common reference map of dependencies across your servers, processes, and third-party services. Integration between Service Map and System Center Operations Manager allows you to automatically create distributed application diagrams in Operations Manager that are based on the dynamic dependency maps in Service Map.

The Microsoft System Center Operations Manager Team published a great blogpost on the New SCOM Web Console version 1801

Download here System Center Operations Manager version 1801 VHD

Download here System Center Orchestrator version 1801 VHD

Download here System Center Service Manager version 1801 VHD

 

Here you find more information about System Center version 1801

Test today the new features of System Center version 1801 with the Evaluation VHD’s 😉


Leave a comment

#Microsoft Azure Security Center Overview #Cloud #Security #HybridCloud #Azure

Microsoft Azure Security Center provides unified security management and advanced threat protection across hybrid cloud workloads. With Security Center, you can apply security policies across your workloads, limit your exposure to threats, and detect and respond to attacks.

You can select an existing Log Analytics workspace to store data collected by Security Center. To use your existing Log Analytics workspace:
• The workspace must be associated with your selected Azure subscription.
• At a minimum, you must have read permissions to access the workspace.

You can edit the default security policy for each of your Azure subscriptions in Security Center. To modify a security policy, you must be an owner, contributor, or security administrator of the subscription. To configure security policies in Security Center, do the following:
1. Sign in to the Azure portal.
2. On the Security Center dashboard, under General, select Security policy.
3. Select the subscription that you want to enable a security policy for.
4. In the Policy Components section, select Security policy.
This is the default policy that’s assigned by Security Center. You can turn on or off the available security recommendations.
5. When you finish editing, select Save.

Here you find more on Set security policies in Azure Security Center

Some policies need the upgrade Enhanced Security

Contact information for Notifications

Azure Security Center provides unified security management and advanced threat protection for workloads running in Azure, on-premises, and in other clouds. It delivers visibility and control over hybrid cloud workloads, active defenses that reduce your exposure to threats, and intelligent detection to help you keep pace with rapidly evolving cyber attacks.
Pricing tiers
Security Center is offered in two tiers:
The Free tier is automatically enabled on all Azure subscriptions, and provides security policy, continuous security assessment, and actionable security recommendations to help you protect your Azure resources.
The Standard tier extends the capabilities of the Free tier to workloads running in private and other public clouds, providing unified security management and threat protection across your hybrid cloud workloads. The Standard tier also adds advanced threat detection capabilities, which uses built-in behavioral analytics and machine learning to identify attacks and zero-day exploits, access and application controls to reduce exposure to network attacks and malware, and more. The Standard tier is free for the first 60 days. Read here more…….

What are OS Security Configurations?
Azure Security Center monitors security configurations using a set of over 150 recommended rules for hardening the OS, including rules related to firewalls, auditing, password policies, and more. If a machine is found to have a vulnerable configuration, a security recommendation is generated.
Customization of the rules can help organizations to control which configuration options are more appropriate for their environment. This feature enables users to set a customized assessment policy and apply it on all applicable machines in the subscription.

Note
• Currently OS Security Configuration customization is available for Windows Server 2008, 2008R2, 2012, 2012R2 operating systems only.
• The configuration applies to all VMs and computers connected to all workspaces under the selected subscription.
• OS Security Configuration customization is available only on Security Center’s Standard tier.

Download the Baseline configuration JSON file

You can make a Custom Baseline with Visual Studio Code and Upload to Azure

Microsoft Azure Security Center QuickStart :

Configure Security Policy

Managing security recommendations in Azure Security Center

Security health monitoring in Azure Security Center

Managing and responding to security alerts in Azure Security Center

Documentation :

Microsoft Azure Security Center Documentation 

Microsoft Azure Security Center Forum

Planning guide
This guide covers a set of steps and tasks that you can follow to optimize your use of Security Center based on your organization’s security requirements and cloud management model. To take full advantage of Security Center, it is important to understand how different individuals or teams in your organization use the service to meet secure development and operations, monitoring, governance, and incident response needs. The key areas to consider when planning to use Security Center are:

Security Roles and Access Controls
Security Policies and Recommendations
Data Collection and Storage
Ongoing non-Azure resources
Ongoing Security Monitoring
Incident Response

Here you will learn how to plan for each one of those areas and apply those recommendations based on your requirements.

All Events view in Azure Security Center

Upgrade to standard Tier for Hybrid Security

Search with analytics

Queries can be used to search terms, identify trends, analyze patterns, and provide many other insights based on your data.

Have a look and play with Azure Log Analytics.

Getting Started with the Analytics Portal

in this tutorial you will learn to write Azure Log Analytics queries. When completing this tutorial you will know how to:

  • Understand queries’ structure
  • Sort query results
  • Filter query results
  • Specify a time range
  • Select which fields to include in the results
  • Define and use custom fields
  • Aggregate and group results

Getting Started with Queries

Azure Security Center gives you Recommendations

For example to Encrypt your Virtual Machines in Azure with a Link

Integrated Azure security solutions
Security Center makes it easy to enable integrated security solutions in Azure. Benefits include:

Simplified deployment: Security Center offers streamlined provisioning of integrated partner solutions. For solutions like antimalware and vulnerability assessment, Security Center can provision the needed agent on your virtual machines, and for firewall appliances, Security Center can take care of much of the network configuration required.
Integrated detections: Security events from partner solutions are automatically collected, aggregated, and displayed as part of Security Center alerts and incidents. These events also are fused with detections from other sources to provide advanced threat-detection capabilities.
Unified health monitoring and management: Customers can use integrated health events to monitor all partner solutions at a glance. Basic management is available, with easy access to advanced setup by using the partner solution.

More on Integrated Azure Security Solutions

Compute Security Overview

Compute Security and Components view

Networking Security Overview

Storage & Data Security Overview

Identity and Access Overview in Azure Security Center

Application Whitelisting

Just in time virtual machine (VM) access can be used to lock down inbound traffic to your Azure VMs, reducing exposure to attacks while providing easy access to connect to VMs when needed.

Attack scenario
Brute force attacks commonly target management ports as a means to gain access to a VM. If successful, an attacker can take control over the VM and establish a foothold into your environment.

One way to reduce exposure to a brute force attack is to limit the amount of time that a port is open. Management ports do not need to be open at all times. They only need to be open while you are connected to the VM, for example to perform management or maintenance tasks. When just in time is enabled, Security Center uses Network Security Group (NSG) rules, which restrict access to management ports so they cannot be targeted by attackers.

More on Just in Time Virtual Machine

Security Alerts

Azure Security Center’s advanced detection capabilities, helps you identify active threats targeting your Microsoft Azure resources and provides you with the insights needed to respond quickly

More on Azure Security Center detection capabilities

Custom Alert Rules

What are custom alert rules in Security Center?

Security Center has a set of predefined security alerts, which are triggered when a threat, or suspicious activity takes place. In some scenarios, you may want to create a custom alert to address specific needs of your environment.

Custom alert rules in Security Center allow you to define new security alerts based on data that is already collected from your environment. You can create queries, and the result of these queries can be used as criteria for the custom rule, and once this criteria is matched, the rule is executed. You can use computers security events, partner’s security solution logs or data ingested using APIs to create your custom queries.

More information about Custom Alert Rules in Azure Security Center

Threat Intelligence

Azure Security Center Playbooks

What is security playbook in Security Center?
Security playbook is a collection of procedures that can be executed from Security Center once a certain playbook is triggered from selected alert. Security playbook can help to automate and orchestrate your response to a specific security alert detected by Security Center. Security Playbooks in Security Center are based on Azure Logic Apps, which means you can use the templates that are provided under the security category in Logic Apps templates, you can modify them based on your needs, or you can create new playbooks using Azure Logic Apps workflow, and using Security Center as your trigger.

More on Azure Security Center Playbook

Hope this Microsoft Azure Security Center Overview will help to make your Hybrid IT more Secure !


Leave a comment

#Microsoft Azure Log Analytics Query Playground Available #MSOMS #Azure #Analytics #HybridCloud

Azure Log Analytics

You can access Log Analytics through the OMS portal or the Azure portal which run in any browser and provide you with access to configuration settings and multiple tools to analyze and act on collected data. From the portal you can leverage log searches where you construct queries to analyze collected data, dashboards which you can customize with graphical views of your most valuable searches, and solutions which provide additional functionality and analysis tools.

If you have no current monitoring in place for your Azure environment, you should start with Azure Monitor which collects and analyzes monitoring data for your Azure resources. Log Analytics can collect data from Azure Monitor to correlate it with other data and provide additional analysis.
If you want to monitor your on-premises environment or you have existing monitoring using services such as Azure Monitor or System Center Operations Manager, then Log Analytics can add significant value. It can collect data directly from your agents and also from these other tools into a single repository. Analysis tools in Log Analytics such as log searches, views, and solutions work against all collected data providing you with centralized analysis of your entire environment.

Microsoft Azure log analytics is very powerful for Hybrid IT management and getting you in control of your Hybrid Cloud Datacenter(s).

Select Data by type

You can change the chart here

Computers sending Heartbeat with date and time

Here you can export to Excel, PowerBI or Share the Query

Set your Query in a Time range

Here you find Online documentation and Query Reference guide

Start Today with Azure Log Analytics !

To play free with Microsoft Azure Log Analytics and Query on all the solutions there is a Demo environment available.

More links for Microsoft Azure Log Analytics :

Azure Log Analytics Query Language

Azure Log Analytics Query Examples

Azure Log Analytics website

Azure Log Analytics tech Docs Online

Microsoft Azure Management Blog

Microsoft Operations Management Suit (OMS) Blog

Social Media :

Microsoft Azure on Twitter

Microsoft OMS on Facebook #MSOMS

Get started with the Microsoft Azure Log Analytics Query Language today to get you and your Business in Control with innovative Hybrid IT Management.