Virtual machines pose a significant cybersecurity risk – their underlying applications and data are consumed outside the network by customers, partners, consultants, and LOB workers. Malicious actors who target these individuals and their business systems understand the native security limitations of the virtual network. Prevent your next security breach by educating users, adopting best practices and procuring proven solutions. So, sit back and enjoy the show on “Hacking Hypervisors”. 🙂
To realize the full benefit of any cloud computing platform—Azure, AWS, or any other—you need to implement best practices related to security and compliance. All too often, data center security takes a backseat to data center design, which puts businesses at a disadvantage when it comes to keeping up with data regulations and preventing data breaches. A 2017 report from Intel Security notes that only 23% of organizations completely trust public clouds to keep their data secure. But with the right resources, it is possible for your organization to achieve both compliance and security in the cloud—without high costs, special expertise, or performance setbacks.
With security being one of the biggest barriers to cloud adoption, Microsoft has been directing many of its resources that way, including a recent expansion of its Azure Security Center. Below are some of the main features of the Security Center; compare them with other available security options on the market to find the one you feel most confident in, and comfortable with.
Today, I am excited to announce I will be joining the awesome team at 5nine Software as Director of Product Management. My primary job responsibilities will be for the product strategy and direction of 5nine’s security and management solutions.
So, you ask, why Product Management? It’s been a lifelong dream to be part of shaping the direction of a technology solution. By joining 5nine, I hope to simplify IT, Cloud and beyond, because there’s always a better way 🙂
“What prepared me for this was very surprising looking back.”
Ignite 2017 Key takeaways
This was the first year I have not attended Microsoft Ignite, due to unforeseen circumstances. But this didn’t stop me from covering Ignite 2017. So here we go…
Ignite 2017 has about 25k attendees this year. Microsoft Envision runs at the same time as Ignite. It is more focused on business leaders across industries, and its main aim is to help business leaders understand and manage their organizations in the digital age.
Ignite 2017 Attendee Breakout
- 47% ITI/IT Pros
- 34% Developers
- 19% ITDM.
Top Industries Attended
- 34% IT and Software (flat YoY)
- 20% Education
- 9% Healthcare
- 9% Manufacturing
- 9% Professional & Business Services
Ignite Keynotes Summary and Links
- Satya Nadella – CEO
- Kirk Koenigsbauer (Modern Workplace)
- James Phillips (Business Applications)
- Scott Guthrie (The Enterprise Cloud)
Key Takeaways – Modern Workplace
Expanding Microsoft 365
- Microsoft 365 Firstline offering and Microsoft 365 Education
- New Windows 10 S devices from HP, Lenovo, Acer and Fujitsu starting at $275 USD
Intelligent personalized search powered by Microsoft Graph
- Bing for business
- LinkedIn data integrated with Office 365 profile card
- Office 365 search & discovery improvements
- Windows 10 taskbar search
Intelligent Communications vision
- Bring voice and video + new cognitive and data services into Microsoft Teams
Advances in Intelligent Security
- Integrated Advanced Threat Protection using Intelligent Security Graph
- Better data protection and access control across Microsoft 365
- New Compliance Manager, a single GDPR dashboard
Modernizing Business Process with Cloud and AI
Key Takeaways – Business Applications
New Microsoft Dynamics 365 AI Solutions
- First solutions for customer care include a virtual agent for customers, an intelligent assistant for support staff and conversational AI management tools, powered by Microsoft AI
- HP, Macy’s, and Microsoft already using this technology to improve customer satisfaction and handle more requests, more quickly
Modular apps for Dynamics 365
- New modular apps are lightweight SaaS services designed to transform one business process at a time
- Work with Dynamics 365 business apps or can be used independently
- Extend existing systems of record, integrate with Office 365 and augment with LinkedIn insights.
- First to allow talent leaders and hiring managers to address a company’s most important asset, people
- Attract: focused on recruiting | Onboard: helps you make new employees successful – Available later this year.
Deeper integration for PowerApps and Microsoft Flow + Office 365 and Dynamics 365
- Rapidly build apps, automate tasks, simplify workflows and solve unique business problems.
- Open to any business user familiar with InfoPath forms, Access databases or SharePoint lists, so customers can build apps that help them achieve more on a single no-code/low-code platform.
Apps and Infra/Data and AI
- Every customer is an AI customer
The Enterprise Cloud
Key Takeaways – Hybrid
Delivering true hybrid consistency
- Azure Stack shipping through OEM partners including Dell EMC, HPE, and Lenovo
- Database Migration Service (DMS)
Empowering customers to optimize costs
- Azure Hybrid Benefit for SQL Server
- Azure Cost Management by Cloudyn – free to all Azure subscriptions
Key Takeaways – Intelligence
Any data, any place
- SQL Server on Linux, Windows and Docker availability with SQL Server 2017 GA
One convenient workbench for data scientists and AI developers
- Azure Machine Learning Updates
Build intelligent apps at global scale
- Azure Cosmos DB and Azure Functions integration
Performance and Scale for mission-critical analytic apps
- Azure SQL Data Warehouse preview release of new “optimized for compute” performance tier
Cloud for Good – Key takeaways
To empower nonprofits, Microsoft Philanthropies will:
- Microsoft has announced they met their 2016 commitment to donate $1 billion in cloud computing resources to nonprofits
- Continue the cloud donations program, and triple the number of nonprofits Microsoft serves over the next three years
- Launch a new Tech for Social Impact group, and the first offers, announced this week include:
- Microsoft 365 for Nonprofits
- Nonprofit Surface discounts for the first time ever
To get more detailed information about these announcements, please see links below or check out the Ignite2017 Site.
Official Microsoft Blog
Hybrid Cloud Blog
Data Platform Blogs
Until next time, Rob.
Identity is always something of a taboo subject and is still not clearly understood out there, while the IT security landscape keeps evolving.
One of the changes of the past few years is a move away from Access Control Lists (ACLs) on files in the NTFS file system to an access control system that is based on claims. Claims-based authentication is an industry-standard security protocol for authenticating users. It rests on the underlying WS-* standards, which describe the usage of Security Assertion Markup Language (SAML) tokens. Claims-based auth requires these tokens, and by extension an entity that can issue the token. This is the Security Token Service (STS). The STS server can be based on Active Directory Federation Services (ADFS) or other platforms that provide this service. This is where ADFS comes in, and it is the highlight of this series.
Why Active Directory Federation Services (ADFS)?
When I started to work on ADFS, a number of years ago during my days as a consultant, most of my customers’ requests were simple:
“I want to federate with some application, hosted by some vendor, so that my users can login into this application without being prompted for credentials.”
This type of request may seem simple, but this is where the power of the Single Sign-On (SSO) experience and the underlying technology is transformative.
So, what exactly is ADFS?
In plain English, it’s a web service that authenticates your users to Active Directory while simultaneously providing them access to some claims-aware application (e.g. Office 365, Salesforce.com, etc.). These applications are typically used through the client’s web browser. The applications can be on-premises, off-premises, or even hosted by other companies. It doesn’t really matter where these applications live or who owns them, as long as they can accept a token with claims.
This blog post will review the history of ADFS and give an overview of ADFS itself. Next in the series I will cover deploying ADFS and configuring Federation with Office 365 on Nutanix in the lab. This will play into a series I am planning around Office 365 and Hybrid setup on Nutanix in the future. After that, I will cover different deployment scenarios. So sit back and enjoy the identity ride.
Active Directory Federation Services
ADFS is an identity access solution that provides client computers (internal or external to your network) with seamless SSO access to protected Internet-facing applications or services, even when the user accounts and applications are located in completely different networks or organizations (e.g. think of how you log in with Facebook to other services).
When an application or service is in one network and a user account is in another network, typically the user is prompted for secondary credentials when he or she attempts to access the application or service. These secondary credentials represent the user’s identity in the realm where the application or service resides. They are usually required by the Web server that hosts the application or service so that it can make the most appropriate authorization decision.
With ADFS, organizations can bypass requests for secondary credentials by providing trust relationships (federation trusts) that these organizations can use to project a user’s digital identity and access rights to trusted partners. In this federated environment, each organization continues to manage its own identities, but each organization can also securely project and accept identities from other organizations.
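The trust relationship described above, as an added example that is not part of the original post: a simplified STS issues a signed token with claims, and a claims-aware application accepts it only from an issuer it has a federation trust with. The issuer URL, audience identifier, key and JSON token layout are constructed for illustration; ADFS itself issues SAML tokens signed with a token-signing certificate, for which the HMAC key is a stand-in.

```python
import base64, hashlib, hmac, json, time

# Constructed federation trust: issuer identifier -> verification key.
# ADFS signs SAML tokens with an X.509 token-signing certificate; an HMAC key
# stands in for it here so the example needs only the standard library.
TRUSTED_ISSUERS = {"http://sts.contoso.example/adfs/services/trust": b"constructed-demo-key"}
AUDIENCE = "urn:example:claims-aware-app"  # this application's identifier (assumed)

def sign(key, payload):
    return hmac.new(key, payload, hashlib.sha256).hexdigest().encode()

def issue_token(issuer, key, audience, claims, now=None, lifetime=300):
    """STS side: called after the user has authenticated to the directory."""
    now = time.time() if now is None else now
    body = {"iss": issuer, "aud": audience, "nbf": now, "exp": now + lifetime,
            "claims": claims}
    payload = base64.urlsafe_b64encode(json.dumps(body, sort_keys=True).encode())
    return (payload + b"." + sign(key, payload)).decode()

def validate_token(token, now=None):
    """Application side: return the claims, or raise ValueError with the reason."""
    now = time.time() if now is None else now
    try:
        payload, sig = token.encode().rsplit(b".", 1)
        body = json.loads(base64.urlsafe_b64decode(payload))
        issuer = str(body["iss"])
        nbf, exp = float(body["nbf"]), float(body["exp"])
    except Exception:
        raise ValueError("malformed token") from None
    key = TRUSTED_ISSUERS.get(issuer)
    if key is None:  # no federation trust with this issuer
        raise ValueError("untrusted issuer")
    if not hmac.compare_digest(sig, sign(key, payload)):
        raise ValueError("bad signature")
    if body.get("aud") != AUDIENCE:  # token was issued for a different application
        raise ValueError("wrong audience")
    if not nbf <= now < exp:
        raise ValueError("outside validity window")
    return body.get("claims", {})
```

The application never sees the user's password: it decides on the issuer, signature, audience and validity window of the token, then authorizes on the claims it carries.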
Below is an example of a typical Office 365 Deployment with ADFS
Hey everyone…I wanted to share a very cool update (and maybe a little bit of hero-worship 😀 ). Well, anyways, my job at Nutanix had another highlight recently. As many of you know, I love reading, breathing, consuming Microsoft technology. During my consumption of education, there are a number of people I follow, but there are a few that stand out…and one that I spent a lot of time listening to via podcasts: Symon Perriman.
I recently had the lucky chance to interview him for the Nutanix .Next Community Podcast. It was a great honor to interview him with my colleague\buddy @ as we both had different points of view.
Symon joined 5nine Software earlier this year as Vice President, Business Development & Marketing, which is how I came to meet Symon as part of my job in Technical Alliances at Nutanix.
For those of you who are not familiar with 5nine Software, 5nine has a great alternative management product for Hyper-V with the benefits of simplified vCenter-type management without the footprint of System Center. They are also the only vendor with an agentless security product via the Hyper-V extensible virtual switch. Think vShield for Hyper-V…Very cool… 😎
For those that are not familiar with Symon…a brief history…
With more than 12 years of experience in the high-tech industry, Symon is an internationally recognized expert in virtualization, high-availability, disaster recovery, data center management, and cloud technologies.
As Microsoft’s Senior Technical Evangelist and worldwide technical lead covering virtualization, infrastructure, management and cloud, he has trained millions of IT Professionals, hosted the “Edge Show” weekly webcast, holds several patents and dozens of industry certifications, and in 2013 he co-authored “Introduction to System Center 2012 R2 for IT Professionals” (Microsoft Press). He graduated from Duke University with degrees in Computer Science, Economics and Film & Digital Studies.
Enjoy the show……
Until next time, Rob…