Cloud and Datacenter Management Blog

Microsoft Hybrid Cloud blogsite about Management


Leave a comment

Windows Admin Center v2103 Available! What’s New #Winserv #Azure #Management #WindowsAdminCenter #MVPBuzz

Windows Admin Center v2103

With Windows Admin Center you can remotely manage Windows Server running anywhere—physical, virtual, on-premises, in Azure, or in a hosted environment.
The tool, available with your Windows Server license at no additional charge, consolidates and reimagines Windows OS tools in a single, browser-based, graphical user interface.
At Microsoft Ignite 2021 Global Virtual Event they launched Windows Admin Center version 2103. Here you find the download.

What’s New in Windows Admin Center v2103

WAC Updates Automatically

Events Tool ReDesign (Preview)

Great Overview of the Server Events 😉

Azure IoT Edge for Linux on Windows

Windows Admin Center in The Azure Portal 

Set Proxy Server in Windows Admin Center Settings.

Open in a Separate Window

This is a Separate Window on my Second Screen, this works Awesome!

Windows Admin Center Virtual Tool improvements 🙂

Conclusion

Microsoft is working hard to make Hybrid IT Management better for Administrators to manage Hybrid Cloud datacenters. Windows Admin Center is a must have for managing
Windows Server Core, AzureStack HCI, and Cluster Services. I can say: I love to work with Windows Admin Center 🙂

 

When you have feedback for the Product Team please do that here at User Voice


Leave a comment

Today is Microsoft Ignite 2021 Event of the Year #MSIgnite #Azure #Cloud #AzureStackHCI #Winserv and More

JOIN Microsoft Ignite 2021 Event

You don’t want to miss this Live Awesome Virtual Global Event of Microsoft 😉


Leave a comment

Dapr for .NET Developers E-book #microservices #dotnet #Dapr #Kubernetes #Azure #DevOps #developers

Dapr is an open source, portable, event-driven runtime that makes it easy for developers to build resilient, microservice, stateless and stateful applications that run on the cloud and edge. Dapr enables developers to focus on writing business logic and not solving distributed system challenges, thereby significantly improving their productivity, and reducing development time. Dapr lowers the bar for entry to build modern cloud native applications based on a microservices architecture and with this v1.0 release, Dapr applications can be deployed to self-hosted infrastructure or Kubernetes clusters in production scenarios.

Here you find an E-book about Dapr for .NET Developers 

Foreword by Mark Russinovich Azure CTO and Technical Fellow Microsoft

With the wave of cloud adoption well underway, there is a major shift happening towards “cloud native” development, often built with microservice-architectures. These microservices are both stateless and stateful, and run on the cloud and edge, embracing the diversity of languages and frameworks available today. This enterprise shift is driven by both the market forces of faster time to market, as well as the scale and efficiencies of building services for the cloud. Even before COVID-19, cloud adoption was accelerating for enterprises and developers were being asked to do even more to deliver on building these distributed system applications, and that has only accelerated since. Developers in enterprises seek to focus on business logic, while leaning on platforms to imbue their applications with scale, resiliency, maintainability, elasticity, and the other attributes of cloud-native architectures, which is why there is also shift towards serverless platforms that hide the underlying infrastructure. Developers should not be expected to become distributed systems experts. This is where Dapr steps in to help you, whether you are building on infrastructure such as Kubernetes, or on a serverless platform.

Dapr is designed as an enterprise, developer-focused, microservices programming model platform with the mantra “any language, any framework, run anywhere”. It makes building distributed applications easy and portable across any infrastructure, from public-cloud, through hierarchical edge, and even down to single node IoT devices.  It emerged from both our experiences building services in Azure as well as time spent working with customers building applications on Azure Kubernetes Service and Azure Service Fabric. Over and over, we saw common problems that they had to address. It became clear that there was a need to provide a “library” of common microservice best practices that developers could use, not only in new greenfield applications, but also to aid in the modernization of existing applications. In the containerized, distributed, and networked cloud native world, the sidecar model has emerged as the preferred approach, in the same way DLLs are preferred in the client/server generation. Using Dapr’s sidecar and APIs give you, as a developer, all the power of distributed systems functionality, with the ease of a single HTTP or gRPC local call.

To address the wide range of scenarios that developers face, Dapr provides features such as state management, service to service invocation, pub/sub and integration to external systems with I/O bindings, which are based on the triggers and bindings of Azure Functions. These in turn take advantage of Dapr’s component model which allows you to “swap out”, say different underlying state stores, without having to change any code, making code more portable, more flexible and allowing for experimentation of what best suits your needs. Developers don’t need to learn and incorporate service SDKs into their code, worry about authentication, secret management, retries or conditional code that targets specific deployment environments.

This book shows how Dapr reduces your development time and overall code maintenance by incrementally “Daperizing” the canonical .NET reference application, eShop. For example, in the original eShop implementation, significant amounts of code were written to abstract between Azure Service Bus and RabbitMQ for publishing events between services. All this code can be discarded and simply replaced with Dapr’s pub/sub API and component model which had an even wider range of pub/sub brokers, rather than just two. Dapr’s actor model, when used in the reworked eShop application, shows the ease of building long running, stateful, event driven, workflow applications with all the difficulties of concurrency and multi-threading removed. By the end of this book, you will see the drastic simplification that Dapr brings to your application development, and I firmly believe all developers embarking on a cloud native app building journey should leverage Dapr.

We publicly announced Dapr with the v0.1 release in Oct 2019 and now, a year and half later, I am thrilled to say that Dapr is ready for production usage with the v1.0 release. Getting Dapr to v1.0 has truly been a community effort. It has been amazing to see the open-source community coalesce around Dapr and grow since it was first announced – from 114 contributors in October 2019 to over 700 in early 2021 – a six-fold increase in 16 months! Contributions to the project have gone to every Dapr repo and have ranged from opening issues, commenting on feature proposals, providing samples, and of course contributing code. The parts of the project community members have contributed to the most include the Dapr runtime, docs, CLI, SDKs and the creation of a rich ecosystem of components. Maintaining this openness is critical to Dapr’s future.

Dapr is really just getting started, though, and you should expect to see more Dapr capabilities and more support for Dapr in Azure services. I hope that you will take advantage of Dapr to enable you to focus on your core business logic and accelerate your microservices development. I am are excited to have you join us in the Dapr community on this journey athttps://github.com/dapr/ and on Discord https://aka.ms/dapr-discord.

Modern distributed systems are complex. You start with small, loosely coupled, independently deployable services. These services cross process and server boundaries. They then consume different kinds of infrastructure backing services (databases, message brokers, key vaults). Finally, these disparate pieces compose together to form an application.

Mark Russinovich Azure CTO and Technical Fellow Microsoft

Thank you Author; Rob Vettor, Sander Molenkamp and Edwin van Wijk for this Awesome E-book 😉


Leave a comment

Get Started with the #Microsoft Azure Storage Explorer #AzOps #Azure #Cloud #Storage

Upload, download, and manage Azure blobs, files, queues, and tables, as well as Azure Cosmos DB and Azure Data Lake Storage entities. Easily access virtual machine disks, and work with either Azure Resource Manager or classic storage accounts. Manage and configure cross-origin resource sharing rules.

Microsoft Azure Storage Explorer

The Microsoft Azure Storage Explorer App is standalone and available for Windows, Linux and MacOS operating systems.
Here you find the Prerequisites and the Download files for Azure Storage Explorer.

Here you see how easy it is to create a snapshot before you begin with a Installation on the Azure Virtual Machine.

Create a Snapshot

Give the Snapshot a Name and select the Resource Group.

Snapshot Created Successfully 😉

When you open the Azure Portal and search for snapshots :

Phantom OS Disk with a Full Snapshot.

Azure Storage Explorer Emulator for Developers

Azurite open source Azure Storage API compatible server (emulator)

Azurite is an open source Azure Storage API compatible server (emulator). Based on Node.js, Azurite provides cross platform experiences for customers wanting to try Azure Storage easily in a local environment. Azurite simulates most of the commands supported by Azure Storage with minimal dependencies.

Azurite V2 is manually created with pure JavaScript, popular and active as an open source project. However, Azure Storage APIs are growing and keeping updating, manually keeping Azurite up to date is not efficient and prone to bugs. JavaScript also lacks strong type validation which prevents easy collaboration.

Compared to V2, Azurite V3 implements a new architecture leveraging code generated by a TypeScript Server Code Generator we created. The generator uses the same swagger (modified) used by the new Azure Storage SDKs. This reduces manual effort and facilitates better code alignment with storage APIs.

3.0.0-preview is the first release version using Azurite’s new architecture.

Features & Key Changes in Azurite V3

  • Blob storage features align with Azure Storage API version 2020-04-08 (Refer to support matrix section below)
    • SharedKey/Account SAS/Service SAS/Public Access Authentications
    • Get/Set Blob Service Properties
    • Create/List/Delete Containers
    • Create/Read/List/Update/Delete Block Blobs
    • Create/Read/List/Update/Delete Page Blobs
  • Queue storage features align with Azure Storage API version 2020-04-08 (Refer to support matrix section below)
    • SharedKey/Account SAS/Service SAS
    • Get/Set Queue Service Properties
    • Preflight Request
    • Create/List/Delete Queues
    • Put/Get/Peek/Updata/Deleta/Clear Messages
  • Features NEW on V3
    • Built with TypeScript and ECMA native promise and async features
    • New architecture based on TypeScript server generator. Leverage auto generated protocol layer, models, serializer, deserializer and handler interfaces from REST API swagger
    • Flexible structure and architecture, supports customizing handler layer implementation, persistency layer implementation, HTTP pipeline middleware injection
    • Detailed debugging log support, easy bug locating and reporting
    • Works with storage .Net SDK basic and advanced sample
    • SharedKey, AccountSAS, ServiceSAS, OAuth, Public Access authentication support
    • Keep updating with latest Azure Storage API version features (Refer to support matrix)

Introducing the ADF Azure Storage Explorer Extension

Azure Data Factory extension for Storage Explorer

Conclusion

Microsoft Azure Storage Explorer tool can make your life easier to do your Azure Storage Management. Copy – Paste data is a Great and handy feature for Administrators.
Hope this is useful and go try it yourself.


Leave a comment

Running #Dapr in WSL2 Ubuntu 20-04 distro in #WindowsInsider Build 21277 RS and #VSCode

Working with Dapr in WSL2 Remote VSCode and Ubuntu 20.04 distro

Dapr is a portable, event-driven runtime that makes it easy for any developer to build resilient, stateless and stateful applications that run on the cloud and edge and embraces the diversity of languages and developer frameworks.

 

Developer language SDKs and frameworks

To make using Dapr more natural for different languages, it also includes language specific SDKs for Go, Java, JavaScript, .NET and Python. These SDKs expose the functionality in the Dapr building blocks, such as saving state, publishing an event or creating an actor, through a typed, language API rather than calling the http/gRPC API. This enables you to write a combination of stateless and stateful functions and actors all in the language of their choice. And because these SDKs share the Dapr runtime, you get cross-language actor and functions support.

SDKs

Dapr in Standalone version.

I’m using Windows Insider Build version 21277-RS with Docker for Windows Edge and Visual Studio Code.

Docker for Windows Edge Version Running.

Because Docker for Windows Edge support WSL2 Engine and Visual Studio Code too, brought me to an idea to build dapr into Ubuntu 20.04 WSL Distro on my Windows Insiders 21277 RS version on my Surface Book 3. There for you must activate the WSL2 integration with my default WSL distro Ubuntu-20.04.

Docker for Windows WSL 2 Integration.

In your Ubuntu-20.04 WSL2 version, you can install Dapr into your linux distro, more information you find here on dapr.io

Microsoft Windows Subsystem for Linux Installation Guide for Windows 10 with all kind of Linux distro’s 

Dapr init ( in the Ubuntu-20.04 WSL2 Linux distro )

Here you find the Dapr dev environment installation types for Dapr init, I did the standalone version. Dapr makes then the following containers :

Dapr Containers.

Then we have the following running :

  • Dapr Dashboard
  • Zipkin

Zipkin is a distributed tracing system. It helps gather timing data needed to troubleshoot latency problems in service architectures. Features include both the collection and lookup of this data.

Zipkin Traces

Dapr Dashboard

Now we have Dapr running in the WSL2 Ubuntu-20.04 distro, you can use Visual Studio Code on Windows Insiders using Remote WSL and work with your favourite dapr SDK like the list above 😉

Dapr Extension in VSCode

From here you can work with your dapr application.

In this guide dapr is running with Docker containers, but you can also install it on Kubernetes or K8s, AKS, Azure any where, see this overview :

Dapr with Kubenetes Containers.

Dapr Overview.

Important Note : Dapr is now production ready with version 1.0 ! Developers, DevOps, AzOps, you can start with it and Build and Test your own microservices and Container apps !  Hope you are having fun with it too 😉

 

 


Leave a comment

Happy Holidays and I wish you a Healthy 2021 #Azure #Cloud #MVPBuzz #Winserv #Security #Healthcare

It’s a year full of misery with the Covid-19 virus around the world. People who lose their loved one, It’s a very sad time for all of us! Microsoft technologies are still going on strong with new features in Azure Cloud Services but also supporting the people who are working in the healthcare, data analytics, Microsoft Teams for Collaboration and much more. But what I want to say to all HealthCare people over the world : THANK YOU SO MUCH FOR ALL THE WORK YOU DO 👍
I have deep respect for you all !
Community, Microsoft Product Teams, MVP Lead, WIndows Insiders, I wish you and your family happy holidays and a Healthy 2021 with lot of Success! 🎄😍

 


Leave a comment

#WindowsAdminCenter – Installing Windows Server version 20H2 Core Build 10.0.19042 #Winserv #HybridIT #Azure

Windows Admin Center Hyper-V Host

Simplify server management

Manage all your server environments with familiar yet modernized tools, such as the reimagined Server Manager and streamlined MMC tools, from a single, browser-based, graphical user interface. Admins can manage Windows Server instances anywhere: on-premises, in Azure, or in any cloud.

Operate hybrid seamlessly

Extend on-premises deployments of Windows Server to the cloud by using the Azure hybrid services found in Windows Admin Center. Use Azure for:

  • Backup and disaster recovery
  • Additional capacity for compute, file servers and storage
  • Centralized management for monitoring, threat protection and update management

You can download Windows Admin Center here

In the following steps we will install Windows Server Core 20H2 version Build 10.0.19042 via Windows Admin Center on my Hyper-V Host called Starship01.mvplab.cloud.
I have Windows Admin Center already running for my MVPLAB with a Windows Server 2019 Hypervisor host. From here I will install a New Windows Server Core 20H2 Machine.

Click in the Left toolbar on Virtual Machines 
and then on Add New

Deployment settings for the New Virtual Machine.

Here we set the following settings :

  • Virtual Machine Name
  • Generation VM ( gen 2 is recommended )
  • The path of the VM settings and Disk
  • Virtual Processors
  • a mark for nested virtualization ( for the Hyper-V feature )
  • Memory
  • Network / Virtual Switch
  • Storage

 

When you Add Storage you can select also the new ISO file for Installation.

I changed the Size of the Operating Disk from 127GB to 50GB
And I selected the path to the Windows Server Core 20H2 ISO.
Then Click on Create.

Windows Admin Center will create the Virtual Machine really fast.

Now the Window Virtual Machine Dark20H2 is created by Windows Admin Center on the Hyper-V Host, we can do the Windows Server Core 20H2 Installation by starting the Virtual Machine.

Before you Start running the VM, have a look at the settings

If you want you can set more Security features here.
You can set Encryption and Security Policy.

Start the Virtual Machine here for Installation of Windows Server Core 20H2
( The ISO is connected )

Installation of Windows Server Core 20H2 version Build 10.0.19042

The virtual Machine is running and now we can connect it via Windows Admin Center to do the installation of Windows Server.

Click on Connect

Use your Windows Admin Center account and mark
for the certificate. Then Click on Connect

Here we see the Console for the Windows Server Installation.

Install Now.

The Windows Server Core 20H2 is Installed.

Of course you can now configure the Machine via SConfig.exe, I only gave the Server name and a static IP address with DNS.

Via Windows Admin Center ( Manage) you can add the Machine to the domain.

Add the Server to the domain with your account and Click on Join

Server will Restart, Click on Yes

Dark20H2 Joined the Domain MVPLAB.CLOUD Successfully

 Adding the Windows Server Core 20H2 to Windows Admin Center

Add Dark20H2.mvplab.cloud to Windows Admin Center.

Of course I want to manage the server with Windows Admin Center and use all the tools I need to securely manage this Server.

Windows Server Core 20H2 in Windows Admin Center.

First thing what I do in my MVPLAB is Windows Updates.

December Updates for Windows Server Core 20H2

Updates Installed Successfully 🙂

Azure Hybrid Services

Azure Hybrid Services

You can extend on-premises deployments of Windows Server to the cloud by using Azure hybrid services. These cloud services provide an array of useful functions, both for extending on-premises into Azure, and for centrally managing from Azure. Think of :

  • Azure Backup Services
  • Azure Monitoring Services
  • Disaster Recovery
  • Azure File Sync Services
  • Azure Security Center / Azure Defender Services

Here you find more information about Azure Hybrid Services

Conclusion

Windows Admin Center is a must have when you have to manage Windows Server Core versions, you don’t have to worry about all the Commands of Windows Server Core. With Windows Admin Center it becomes easy to do the complete installation of the server and this include also all features of Windows Server Core 202H2 Build 10.0.19042. It becomes really powerful when you use it in a Hybrid way by connecting to Microsoft Azure Cloud Services. Earlier I wrote a blogpost about Windows Admin Center and Azure Security Center

I Hope this is useful for you, and start your journey with Windows Admin Center & Windows Server Core versions 😉

JOIN the Windows Admin Center Community Group on LinkedIn


Leave a comment

What’s New in Azure Security Center! #ASC #Security #Azure #SecOps #SIEM

What’s New in Azure Security Center

Security Center is in active development and receives improvements on an ongoing basis. To stay up to date with the most recent developments, this page provides you with information about new features, bug fixes, and deprecated functionality.

November 2020

Updates in November include:

Azure Defender

Microsoft Azure Defender Dashboard

Azure Security Center’s features cover the two broad pillars of cloud security:

  • Cloud security posture management (CSPM) – Security Center is available for free to all Azure users. The free experience includes CSPM features such as secure score, detection of security misconfigurations in your Azure machines, asset inventory, and more. Use these CSPM features to strengthen your hybrid cloud posture and track compliance with the built-in policies.
  • Cloud workload protection (CWP) – Security Center’s integrated cloud workload protection platform (CWPP), Azure Defender, brings advanced, intelligent, protection of your Azure and hybrid resources and workloads. Enabling Azure Defender brings a range of additional security features as described on this page. In addition to the built-in policies, when you’ve enabled any Azure Defender plan, you can add custom policies and initiatives. You can add regulatory standards – such as NIST and Azure CIS – as well as the Azure Security Benchmark for a truly customized view of your compliance.

Here you can read about Microsoft Azure Defender on Docs.

Additional threat protections in Azure Security Center

Microsoft Azure Security Center Team is working hard on additional threat protections for :

  • Threat protection for Azure Network Layer
  • Threat protection for Azure Resource Manager ( Preview)
  • Threat Protection for Azure Cosmos DB ( Preview)
  • Threat Protection for Azure WAF
  • Threat Protection for Azure DDoS Protection

More information about additional Threat protections here on Docs.

What is Azure Sentinel?

Microsoft Azure Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response.

Read here more about Microsoft Azure Sentinel

Who to follow on Social Media for Azure Security Center

On twitter you have to follow Principal Program Manager at Microsoft C+AI Security Yuri Diogenes : @yuridiogenes

On YouTube you can subscribe to Azure Security Center in the Field ( #ascinthefield) YouTube

Microsoft Azure Security Center Website

Microsoft Azure Sentinel Website

On Microsoft Tech Community platform : Become an Azure Security Ninja

On LinkedIn JOIN the Microsoft Azure Monitor & Security for Hybrid IT Community Group

 


Leave a comment

Being a Windows Insider is Awesome ! #Windows10 #WIMVP #WindowsInsiders

Windows Insiders Build 20246

Windows Insider Program

I Love being the first to see what’s next for Windows in the Windows Insider Program. For me It’s a way of Life to support Microsoft by giving feedback, suggestions and ideas for Windows 10 New innovations and improvements. I feel I’m building together with the Microsoft Product Team and Community to make a better product every week. It’s awesome too see that Microsoft is solving your feedback issue or your idea is coming in the next Windows Insider Build Release 🙂 I’m a Windows Insider MVP but also a Cloud and Datacenter Management MVP for the Community sharing New Microsoft Technologies.
You can join the Microsoft Windows Insider Program too and work with the newest Windows Insider Preview Builds of Microsoft.

Windows Insider Feedback Hub

Windows Insider Program

When you joined the Windows Insider program, you only have to activate the right Windows Insider Channel in your Windows10 Operating system. Go to Settings and Click on Windows Insider Program.

Windows Insider Program

First you login with your Windows Insiders Registration email address to get connection with the Windows Insiders Preview Build version. Then you have to select in which Windows Insiders Channel you want :

Here you see the Windows Insiders Channels.

I’m using all the Channels on different Machines as a MVP

When you select your Windows Insiders Channel, then you go to Windows Updates and get the latest Windows Insiders Preview Build of your Channel to download and Install.

Downloading Windows Insider Preview Build 20251 in the Dev Channel.

After downloading, rebooting, installing the new Windows Insiders Preview Build, you can test Windows 10 with the newest features of Microsoft and give your feedback and ideas in the Feedback Hub on your Machine.
Here you find the Microsoft Windows Insider Blogpost about this Preview Build 20251

Here you find all the Windows Insiders Preview Blogposts

When you found a new Issue in Windows Insider Preview Build or you want to give your idea to Microsoft, open the Windows Insiders Feedback Hub on your local machine here:

Click here on Give Feedback.

Summarize your feedback and Explain in more details

Select at Category if it’s a problem or Suggestion
and the category recommendations.
Click on Next

Find Similar Feedback Click Next

Add More Details.

For the Microsoft Windows Insider Engineers It’s important to get Screenshots and the data. Start recording and show Microsoft your issue in this Windows Insider Preview Build. Save the recordings ! and Send your feedback to Microsoft.

You can support Microsoft by giving feedback when something is fixed for you.

Here I report that the File Explorer issue is solved in Build 20251.

In the Feedback Hub you find more like Quests, Achievements, and Announcements from Microsoft Windows Insider Program.

Windows Insider Achievements

For the work you do free because you like to test the newest Microsoft Windows features, you can earn Microsoft Badges.

Microsoft Windows Insider Quests

With Microsoft Windows Insider Quests, Microsoft ask you to test new features and give your feedback about it.
They explain the feature and the steps so you can try it yourself. I love these quests, because then you learn about the new features and innovation you try out.

here you see the Microsoft Windows Insider Announcements to keep you Up-to-Date

Windows Insider Community

Being a Windows Insider in the Community is Awesome, you make friends on social media who share the same technology interest, asking questions and keep each other posted on new updates. Microsoft Windows Insiders program is really active on Twitter with handler @windowsinsider 

We use Hashtag’s : #WindowsInsiders #WIMVP #Windows10

 

#WIMVPBenelux every week in Teams is FUN 

 @aavdberg

Follow the Microsoft Windows Insider Team :
Who to Follow on Twitter:

Jen Gentleman : @JenMsft
Amanda Langowski : @amanda_lango
Jason Howard : @NorthFaceHiker
Eddie Leonard : @DJ_EddieL
Brandon LeBlanc : @brandonleblanc

Conclusion

When you like to work with the Newest Microsoft Windows Insider Preview Build versions to test and explore New innovated features in Windows 10 or Windows Server, then JOIN the Windows Insider Program.
I really like this program and being connected with Microsoft Product Group, giving feedback and working Together with the Community to make a better product every time. For me It’s a way of life, It’s a Great Hobby for me but also my Work 😉
Have Fun with the Windows Insider Program, and Learn on the Job !

 


Leave a comment

Windows Admin Center with Azure Security Center integration #ASC #WindowsAdminCenter #Winserv #Azure

Windows Admin Center for Hybrid IT Management

As an Administrator, I like to work with Microsoft Windows Admin Center, It’s a locally deployed, browser-based app for managing Windows servers, clusters, hyper-converged infrastructure, as well as Windows 10 PCs. You can download Windows Admin Center here and use it for Free in your Production environment. What is Windows Admin Center? What are my benefits? Here you see Windows Admin Center Architecture how it works.

Windows Admin Center Architecture.

So you can use Windows Admin Center everywhere, you can Install it on a Server on-premises without any internet connections, or in a hybrid way with a internet connection for Cloud
services integrations like Azure Backup, Azure Security Center, Azure Monitor or Azure File Sync and to manage your Virtual Machines in the Cloud.
Microsoft is now busy with Windows Admin Center in the Azure Portal in Preview to manage your Hybrid Datacenter. Here you find a blogpost about it in the Microsoft Tech Community.

Manage Internet Access in Windows Admin Center.

Datacenter Administrators want to manage Windows Servers in an Easy way but it must be secure. Microsoft has some user access options for using Windows Admin Center.
The one I like most is Microsoft Azure MFA (Two-Factor-Authentication) on your Windows Admin Center environment. Here you find more information about User Access WAC.

Choose the right Windows Admin Center installation for your environment:

Windows Admin Center Installation types.
These are Production Ready.

But don’t forget the Microsoft Windows Admin Center in the Azure Portal Preview :

Windows Admin Center in the Azure Portal Preview.

Windows Admin Center | Management | Azure Security Center Integration.

The Power of a Modern Management tool like Windows Admin Center is the Extensions feature to integrate with external Services like Azure Cloud Services, or third party vendors like Dell EMC or HP, Fujitsu, Data-On with great management solutions. An other example of a Windows Admin Center Extension are Containers. 

In the following steps you will see how easy it is to manage and integrate Azure Security Center into Windows Admin Center for your Servers.

When you have installed Windows Admin Center, you have to add your Microsoft Azure Subscription into WAC.

Azure Registration in Windows Admin Center.

In the upper right you have the settings icon of Windows Admin Center, from there you can select Azure and do the registration. What it will do is making a API with your Microsoft Azure subscription:

Here you see the Registration in Microsoft Azure.

When that is completed successfully, you can add the Microsoft Azure Services via Extensions in Settings. We are going to Select Azure Security Center.

Install the Microsoft Azure Security Center Extension.

From here you have installed the basics for your Servers, now the Microsoft Azure Security Center feature is added in the left management bar at each Server in Windows Admin Center.
Now we only have to register the Servers into Azure Security Center with Windows Admin Center.

Here you see my MVPLAB Machines.

I have two Azure Stack HCI virtual Machines and I like to know if they are secure. ( Skywalker01 and Skywalker02) I start with the Azure Security Center Installation on Skywalker01 VM.

Azure Stack HCI VM called Skywalker01.mvplab.cloud
Sign into Azure.

Select your Azure Subscription, Create or Use existing workspace.
Select Region, and Create or use existing Resource Group.
Click on Setup.

The Virtual Machine will be added to Azure Security Center.

From here it need some time to do the job with doing assessments, getting the metadata of the server with log analytics. Microsoft Azure Security Center will come with security recommendations like:

Here you can do a Quick Fix and do Remediation.

 

After a view minutes the Security issues are also coming into Windows Admin Center.

Here I get some Security advice in Windows Admin Center for Skywalker01 VM

Here you see the Power of the Azure Cloud with Log Analytics and the
Azure Security Center baselines for Skywalker01 Azure Stack HCI VM.

I forgot Skywalker02 VM to do the monthly security updates and that is a Security Risk too of course :

Skywalker02 Azure Stack HCI VM at High Security Risk.
(No updates)

Of course we have Windows Updates in Windows Admin Center, Just have to select and approve the updates for Skywalker02 to solve this high Risk issue.

Skywalker02 Azure Stack HCI VM Security Risk Solved 😉

Conclusion

In a Hybrid IT world today is Better Together my motto with Windows Admin Center and Microsoft Azure Security Center you have a Great solution. You can make your own Azure Security Center Baseline policy to deploy on your Windows Servers to make them more Secure. Get a High Security Score ! And don’t worry you can add all your Windows Servers into Windows Admin Center if they are on-premises or in the Cloud.
With Azure MFA Two-Factor access authentication, you make your Management tool Windows Admin Center more Secure for your environment. If you don’t use Windows Admin Center yet, start Today !

More Information :

Windows Admin Center on Twitter : @servermgmt

Windows Admin Center Docs 

Windows Admin Center Website

Follow The Windows Admin Center Blog on Microsoft Tech Community

Join the Windows Admin Center Community