Category: Microsoft
Category Archives: Microsoft
Microsoft and Industry Leaders Enable RAN and Platform Programmability with Project Janus
Barcelona – February 26, 2024. Today at MWC 2024, Microsoft announced Project Janus, along with leaders across the telecommunications industry. Project Janus uses telco-grade cloud infrastructure compatible with O-RAN standards to draw on fine-grained telemetry from the radio access network (RAN), the edge cloud infrastructure, and other sources of data. This enables a communication service provider (CSP) to gain detailed monitoring and fast closed loop control of their RAN network. Janus has support and participation from CSPs such as Deutsche Telekom, and Vodafone; RAN and infrastructure providers CapGemini, Mavenir, and Intel Corporation; and RIC vendors and software innovators Juniper Networks, Aira Technologies, Amdocs, and Cohere Technologies.
“We know how vital the performance, security, and automation of the network is for CSPs, and going forward, more accurately optimizing complex networks,” said Yousef Khalidi, Corporate Vice President, Azure for Operators at Microsoft. “That’s why we’re excited to debut Project Janus alongside leading partners and supporters as an O-RAN compatible extension that makes RAN and platform even more programmable and optimized.”
Project Janus helps CSPs optimize RAN performance through visibility, analytics, AI, and closed loop control. To meet this objective, Microsoft and industry collaborators built a set of capabilities including RAN instrumentation tools that:
leverage the existing E2 O-RAN interface
update its service models to communicate with components of a CSP’s RAN and SMO architecture including the Distributed Unit (DU), Centralized Unit (CU), and RAN Intelligent Controller (RIC).
RAN, RIC, and xApp and rApp vendors are able to develop and use instrumentation tools to capture RAN data dynamically, and also combine them with platform data from cloud-based platforms hosting the RAN workloads.
This architecture enables several new use cases, such as precise analytics for anomaly detection and root cause analysis, interference detection, and optimizing other RAN performance metrics. The framework also enables new applications, such as fast vRAN power saving, failover, and live migration.
Project Janus will be available for everyone to include in their platform and network functions and will be supported natively by Microsoft’s Azure Operator Nexus platform.
To see specific use case examples, visit the “Unlock Operator Value with Programmable RAN & Platform” pod in the Microsoft booth at Mobile World Congress 2024 at 3H30 in Hall 3 during February 29-29, 2024 and check out www.microsoft.com/research/project/programmable-ran-platform/videos. Also read Mavenir, Microsoft and Intel Team for Real-Time Layer 1 vRAN Control white paper.
Telecommunications leaders are sharing support for the collaborative initiative:
Deutsche Telekom – “This initiative shows great promise to increase the pace of innovation and unlock new value through dynamic, customizable RAN data and analytics that can work within an O-RAN compliant framework. We look forward to seeing the participation by even more companies and developers in this burgeoning ecosystem.” – Petr Ledl, Vice President of Network Trials and Integration Lab and Chief Architect of Access Disaggregation program at Deutsche Telekom.
Vodafone – “The dynamic service models enabled by Project Janus are fully aligned with the vision of Open RAN in supporting the scale deployment of software-defined RAN. Access to the correct data at the right time and intelligent algorithms based on AI/ML capabilities will introduce significant performance and capacity benefits for all existing cellular networks and enable real autonomous ones.” – Francisco Martín Pignatelli, Head of Open RAN at Vodafone.
Hear from Microsoft Collaborators:
CapGemini – “CapGemini in collaboration with Microsoft has successfully demonstrated implementation of several use cases such as anomaly detection, energy savings and interference detection using Janus. These efforts have also demonstrated the benefits of being able to combine and reason over dynamic data from RAN, incremental to the predefined data types already available today, with dynamic data from the O-Cloud platform using Janus dynamic service models such as resolving key integration issues between RAN and platform as well as offering the power of leveraging AI/ML applications by developers to more precisely target areas of improvement for the RAN network.” – Rajat Kapoor, Vice President and Head of Software Frameworks at Capgemini.
Mavenir – “Improving RAN visibility and real-time control is essential to a CSP’s network performance and security, and it is Mavenir’s goal to support our customers with state-of-the-art observability. Data from our O-RAN-compliant DU/CU can be easily extracted dynamically and made available within our product management tools for tuning the operation of the Mavenir RAN. We demonstrated an advanced on-site debugging tool and customizable interference detection solution with Janus, which highlighted the flexibility of Janus to solve problems in real-time and improve system performance. With Janus, data from our Open RAN compliant DU can also be made available to an ecosystem of O-RAN focused application developers to provide insights and recommendations to the CSP to address and improve their network performance.” – Bejoy Pankajakshan, EVP, Chief Technology & Strategic Officer at Mavenir.
Intel Corporation – “With Intel FlexRAN reference architecture, Intel has been at the forefront of enabling the industry with virtualized, Open RAN to drive performance, flexibility and innovations, including AI. Microsoft’s Janus builds on FlexRAN’s software programmability to expose new data streams and application capabilities to the next generation of xApp developers, accelerating the adoption of AI in RAN networks to provide even more value to service providers”- Cristina Rodriguez, Vice President and General Manager of Wireless Access Network Division at Intel.
Juniper Networks – “Using the existing E2 O-RAN interface, Janus introduces the capability to bring more timely and customized RAN telemetry to Juniper Near-Real Time RIC. From this, we can enable xApp developers to use the incremental data to more precisely target areas of improvement for the performance and optimization of a RAN network.” – Constantine Polychronopoulos, Group VP of 5G and Telco Cloud at Juniper Networks.
Aira Technologies – “Our mission at Aira as an AI Defined Networking company is to enable the fully autonomous cellular RAN and our application of ML to wireless baseband processing is an industry first. Aira has showcased the use of Janus to collect and forward dynamic RAN data into our near-real time xApp where we apply leading-edge machine learning to drive better channel estimation and prediction to help maximize downlink throughput and range. We look forward to demonstrating, with Microsoft and the growing O-RAN ecosystem, even more innovation built on disaggregated and programmable networks.” – Anand Chandrasekher, Co-Founder and CEO at Aira Technologies.
Amdocs – “As a leading service provider and member of the ARI-5G Consortium, Amdocs is a key proponent of Open RAN and dedicated enabler of RAN intelligence and optimization and we do this today by offering among other things, Amdocs’ xApps such as the massive MIMO xApp. With Janus we look forward to leveraging dynamic service models with our network applications to further accelerate RAN performance and programmability for our CSP customers.” – Oleg Volpin, Division President Europe, Telefonica Global and Network Offering Division at Amdocs.
Cohere Technologies – “Cohere along with key operators and vendors is driving Multi-G ecosystem to enable co-existence of 4G, 5G and 6G and helping operators to do spectrum management in a seamless way. Janus’s dynamic infrastructure helps realize Multi-G’s dynamic infrastructure requirements and helps this vision.” – Prem Sankar Gopannan, Vice President of Product Architecture and Software Engineering.
Microsoft Tech Community – Latest Blogs –Read More
🤖🧵Microsoft Fabric AI Hack Together: Building RAG Application on Microsoft Fabric & Azure Open AI
Hack Together: The Microsoft Fabric Global AI Hack
The Microsoft Fabric Global AI Hack is your playground for creating and experimenting with Microsoft Fabric. With mentorship from Microsoft experts and access to the latest tech, you will learn how to build AI solutions with Microsoft Fabric! The possibilities are endless for what you can create… plus you can submit your hack for a chance to win exciting prizes! 🥳
Join the Microsoft Fabric Global AI Hackthon
Learn how to create amazing apps with RAG and Azure Open AI
Are you ready to hack and build a RAG Application using Fabric and Azure Open AI?
🧠Join us for the Fabric AI Hack Together event and learn the concepts behind RAG and how to use them effectively to empower with your data with AI.
🤲 You’ll get to hear from our own experts Pamela Fox (Principal Cloud Advocate at Microsoft) and Alvaro Videla Godoy (Senior Cloud Advocate at Microsoft) who will introduce you to the challenge, provide links to get started, and give you ideas an inspiration so you can start creating amazing AI solutions with minimal code and maximum impact. :fire:
🏋🏼 You’ll also get to network with other hackers, mentors, and experts who will help you along the way. Come with ideas or come for inspiration, we’d love to hear what you’re planning to build!
Microsoft Tech Community – Latest Blogs –Read More
Announcing Face API Liveness Pricing
Microsoft Tech Community – Latest Blogs –Read More
Microsoft and SAP work together to transform identity for SAP customers
SAP has recently announced its collaboration with Microsoft and advises their SAP Identity Management (IDM) customers to move their identity management scenarios to Microsoft Entra ID as their IDM approaches the end of maintenance. This latest collaboration creates new possibilities for Microsoft Entra and SAP to offer enhanced integration that will support a comprehensive identity and access governance framework.
Microsoft and SAP will deepen our longstanding partnership to combine our unique areas of expertise. We are committed to delivering the best identity management solutions for our customers and users, and we’re honored to partner with SAP on delivering seamless and secure identity management experiences that will support SAP customers’ digital transformation and cloud adoption goals. Over the years we’ve worked together to integrate our products and services, such as Microsoft Azure, Microsoft 365, SAP Cloud Platform, SAP S/4HANA, and SAP SuccessFactors.
Our aim is to help SAP customers with their migration path so they can continue to connect enterprise software and collaboration tools to work and innovate effectively, quickly, and seamlessly.
To learn more about our latest collaboration, read the blog post here.
Irina Nechaeva, General Manager, Identity and Network Access
Learn more about Microsoft Entra:
Related Articles: SAP’s blog - Preparing for SAP Identity Management’s End-of-Maintenance in 2027.
See recent Microsoft Entra blogs
Dive into Microsoft Entra technical documentation
Learn more at Azure Active Directory (Azure AD) rename to Microsoft Entra ID
Join the conversation on the Microsoft Entra discussion space
Learn more about Microsoft Security
Microsoft Tech Community – Latest Blogs –Read More
How to handle azure data factory lookup activity with more than 5000 records
Hello Experts,
The DataFlow Activity successfully copies data from an Azure Blob Storage .csv file to Dataverse Table Storage. However, an error occurs when performing a Lookup on the Dataverse due to excessive data. This issue is in line with the documentation, which states that the Lookup activity has a limit of 5,000 rows and a maximum size of 4 MB.
Also, there is a Workaround mentioned (Micrsofot Documentation): Design a two-level pipeline where the outer pipeline iterates over an inner pipeline, which retrieves data that doesn’t exceed the maximum rows or size.
How can I do this? Is there a way to define an offset (e.g. only read 1000 rows)
Thanks,
-Sri
Hello Experts, The DataFlow Activity successfully copies data from an Azure Blob Storage .csv file to Dataverse Table Storage. However, an error occurs when performing a Lookup on the Dataverse due to excessive data. This issue is in line with the documentation, which states that the Lookup activity has a limit of 5,000 rows and a maximum size of 4 MB. Also, there is a Workaround mentioned (Micrsofot Documentation): Design a two-level pipeline where the outer pipeline iterates over an inner pipeline, which retrieves data that doesn’t exceed the maximum rows or size. How can I do this? Is there a way to define an offset (e.g. only read 1000 rows) Thanks,-Sri Read More
How to create mail Rules in Purview?
Is there a simple guide to create Mail Handling Rules in Purview?
They are forcing us to transition to Purview, but did transfer our existing rules. Great.
Searches for Rules in Purview return 0 results, nice.
Is there a tool for Transferring from the Exchange rules?
Is there a simple guide to create Mail Handling Rules in Purview?They are forcing us to transition to Purview, but did transfer our existing rules. Great.Searches for Rules in Purview return 0 results, nice.Is there a tool for Transferring from the Exchange rules? Read More
Spreadsheets to Lakehouse – A History of Microsoft Fabric
Over the course of the last year I’ve had customers and colleagues ask “What exactly is Microsoft Fabric?”, and decided there could be value in creating a presentation that takes a deep dive into that topic. The video below is a recorded version of a presentation I gave at SQL Saturday Minnesota 2023 reviewing a few decades of the data and analytics tools leading up to Fabric.
Most of you probably know that Power BI and Azure Synapse components are baked into Microsoft Fabric, but what else is in Fabric? What led up to Fabric? How do tools such as SQL Server, Azure ML, Purview, Excel, and Azure OpenAI fit in? What contributions (if any) were made by older tools such as ProClarity, Panorama, Datazen, and PerformancePoint? What are the differences between a Semantic Model, a Dataset, a Tabular Model, a Vertipaq Engine, a Cube and a Multidimensional Model? What are the operational benefits of Fabric compared to older architectures?
If you have experience with these older tools, or if you’d like to learn the history of Fabric to better understand the contemporary context and the future, hopefully you find the presentation valuable. “The Evolutionary History of Microsoft Fabric – Spreadsheets to Lakehouse” can be viewed below or at the following link: https://youtu.be/JCZnv3RhTJQ
Microsoft Tech Community – Latest Blogs –Read More
Breaking changes February 2024
Deprecation of Python & R language extensions on VM sizes that don’t support Nested Virtualization
We are stopping the support of Python and R plugins on VM sizes that don’t support Nested Virtualization.
If you do not use language extensions you can ignore this change.
Required Change
To ensure continuity in running KQL with inline Python/R, migrate your cluster to VM Sizes supporting nested virtualization. Migrating your cluster to a compatible VM size is expected to improve the overall cluster performance as well as enabling the update of the Python image from the old Python 3.6.5 to the latest Python 3.10.8.
Schedule & plan
This change is planned to take place at the end of August 2024.
Microsoft Tech Community – Latest Blogs –Read More
Shape the future of Viva Glint by joining our product council
NEW FOR 2024! Viva Glint is launching a product council to listen to you, our customers, to understand your priorities and pain points, and to influence the direction of our product moving forward. Here’s what you need to know:
What is the Viva Glint product council? Viva Glint’s product council is a unique opportunity for customers to provide feedback and influence the direction of Viva Glint’s products and your experience as users. By joining our product council, you’ll have the chance to share your thoughts and ideas with other customers and Viva Glint’s product and design teams.
Why should you sign up for the product council?
1. Influence the direction of Viva Glint’s products: By joining the product council, you’ll have the opportunity to provide feedback and influence the direction of Viva Glint’s products. Your feedback will be heard by Viva Glint’s product and design teams and leaders, and you’ll have a direct impact on the future of our products.
2. Connect with other customers: Joining a product council is a great way to connect with other Viva Glint customers. You’ll have the opportunity to share your experiences and learn from others.
3. Get early previews of new features: Product council members will have the opportunity to get early previews of new features and provide feedback before they are released to the general public.
What is the format and frequency of council meetings? Our product council will be virtual, and we will have a calendar of engagements running throughout the year to which you will be invited. Our engagements will include product features and designs we are working on, understanding your journey as a user in more depth or getting your feedback on our measurement models and frameworks. You will have access to the calendar via our Glint product council Teams channel and can sign up for the engagements you would like to take part in.
For engagements where we require specific feedback on a product feature as it evolves, our ask is that you commit to regular engagements during the development of this feature. This will help us to get regular feedback from a consistent group of customers to ensure we are on the right track.
How will the product council meetings be hosted? The product council will be hosted through Microsoft’s Viva Customer Connection Program, also known as VCCP, to ensure we are adhering to the necessary privacy and compliance requirements. However, we will have a separate Glint ‘neighborhood’ for our Glint customers with our own calendar of engagements throughout the year.
Do I have to be on Viva Glint or can I participate if I am a LinkedIn customer? The product features we will be sharing with you will be for our Viva Glint product; however, we welcome Viva Glint customers and those who will be migrating to Viva Glint from LinkedIn.
I am in! How do I sign up for the product council? To express your interest in signing up for the Viva Glint product council, simply complete THIS application form. The form requires you to specify whether you would like to enroll fully in VCCP (i.e. if you are interested in engaging with Viva-wide product teams) or simply be a part of the Glint product council. Depending on your choice of enrolment we will then send you the appropriate compliance forms to complete.
If you have further questions, please reach out to your service delivery teams, or email VivaGlintCE@microsoft.com. We look forward to seeing you at a Viva Glint product council meeting soon!
Microsoft Tech Community – Latest Blogs –Read More
Kehittäjä! Tilaa Microsoft.Source-uutiskirje
Tilaa Microsoft.Source-uutiskirje kehittäjille
Katso viimeisimmät artikkelit, asiakirjat ja tapahtumat Microsoft.Sourcesta – kuratoidusta kuukausittaisesta kehittäjäyhteisön uutiskirjeestä.
Tutustu uusiin teknologioihin ja löydä mahdollisuuksia pitää yhteyttä muihin kehittäjiin.
Pysy ajan tasalla nopeasti kehittyvistä teknologioista hyödyntämällä toimialasi, sijaintisi ja mielenkiinnon kohteidesi kannalta merkityksellisiä resursseja, kuten artikkeleita, GitHub-säilöjä ja oppaita.
Vastaanota ilmoituksia tapahtumista, olipa kyse harjoituksista, työpajoista, koulutusistunnoista tai kansainvälisistä konferensseista.
Opi haluamasi asiat missä ja milloin haluat. Resursseihin kuuluvat muun muassa paikan päällä järjestettävät ja käytännönläheiset työpajat, maksuttomat ja vuorovaikutteiset verkkokoulutukset sekä eristysympäristöt.
Tilaa uutiskirje täältä: https://info.microsoft.com/ww-landing-sign-up-for-the-microsoft-source-newsletter.html
Microsoft Tech Community – Latest Blogs –Read More
Azure Automation supports Azure CLI commands in runbooks
Azure Automation has announced support for Azure CLI commands in runbooks (preview announcement). The rich command set of Azure CLI expands capabilities of runbooks even further, allowing you to reap combined benefits of both, for automating and streamlining management of Azure resources. Azure Automation runbooks target orchestration on a wide array of resources such as Virtual Machines, Arc-enabled Servers, Databases, Storage, Azure Active Directory, and much more, along with complex workflows involving multiple resources.
Azure Automation has emerged as a pivotal service that provides a complete end-to-end solution for managing complex hybrid environments. It facilitates authoring of PowerShell and Python scripts with intelligent suggestions through GitHub Copilot, provides a serverless platform for execution of those scripts, offers the flexibility to execute those scripts on Azure or in customer’s local environment, and monitors those executions comprehensively.
Quickstart
Learn how to run Azure CLI commands in PowerShell 7.2 runbook here.
For any questions or feedback, please reach out to askazureautomation@microsoft.com
Know more about Azure Automation roadmap here.
Microsoft Tech Community – Latest Blogs –Read More
Quick, Check It Out Before It’s Too Late! Azure Cost Optimization At It’s Finest!
Good evening or morning to our readers! Brandon here to give you a last second heads up (sorry) on some great references for optimizing your costs in Azure. As many of our readers know, I have a particular affinity for cost savings for our customers, so I wanted to get this out quickly! Act fast!
2/22/2024:
Check out this livestream event for optimizing your Azure costs with Azure savings plans and reservations, presented by Obinna Nwokolo (Principal Technical Program Manager) and Priyanshi Mittal (Senior Product Manager):
https://developer.microsoft.com/en-us/reactor/events/21719/
Additionally, I highly recommend taking a look at this interactive guide on savings plan and reservation commitments: FinOps on Azure Exercise 8 – Manage commitment-based discounts (cloudguides.com)
So short for my history of being “Brandon “long-winded” Wilson”, yet hopefully helpful none-the-less!
Microsoft Tech Community – Latest Blogs –Read More
Get ready for take off with Microsoft at SQLBits 2024
Microsoft is all set to soar high as the headline sponsor of SQLBits in Farnborough, UK from March 19-23. With their engines revved up, Microsoft is ready to take off and deliver 2 full-day workshops, 40+ sessions, a keynote, a booth, and much more at the event.
Join keynote speaker, Asad Khan, General Manager of SQL, along with other SQL experts, as they take you on a journey through the latest from SQL Server, Azure SQL, Microsoft Fabric, and more. And don’t miss the opportunity to dive into The Cloud Workshop for the SQL Professional led by Bob Ward, geared towards SQL Server users migrating to Azure SQL, and the From Beginner to Certified: A Fabric Analytics Engineer Workshop led by Bradley Ball and Mark Pryce-Maher.
So, come aboard and join us on this informative journey! Start planning which sessions you’ll be attending with our quick reference guide:
Date/Time
Location
Session Title
Speaker
Co-speaker(s)
WEDNESDAY
3/20 – 9:00am
Gate 1
Introduction to Microsoft Fabric
Mohammad Ali
3/20 – 9:00am
Gate 13
PostgreSQL for SQL Server Professionals
Silvano Coriani
3/20 – 9:00am
Gate 4
What You Should Know About Always On Availability Groups
Bob Ward
3/20 – 11:10am
Gate 4
Database of the future is here – Azure SQL Hyperscale deep dive
Arvind Shyamsundar
Aditya Badramraju
3/20 – 11:10am
Gate 3
Simplified SQL modernization journey with Azure SQL Migration Tools: A deep dive
Ajith Krishnan
Neel Ball;
3/20 – 11:10am
Gate 13
SQL DB: a developer’s catalyst
Muazma Zahid
Carlos Robles
Jerry Nixon
3/20 – 1:50pm
Gate 4
Modernize your SQL Data by starting cloud journey with SQL Server enabled by Azure Arc.
Raj Pochiraju
Dhananjay Mahajan
3/20 – 4:00pm
Gate 11
Azure SQL Managed Instance Deep Dive by Microsoft Product Group
Dani Ljepava
Niko Neugebauer; Nevena Nikolic; Uros Milanovic; Djordje Jeremic
THURSDAY
3/21 – 9:00am
Microsoft Keynote
Asad Khan
Yitzhak Kesselman, Bob Ward, Buck Woody, Erin Stellato, Patrick LeBlanc, Adam Saxton
3/21 – 10:10am
Gate 10
A Deep Dive into DevOps Practices with Azure SQL
Carlos Robles
Jerry Nixon
3/21 – 10:10am
Gate 9
Fly at Mach-speed with Azure SQL Managed Instance
Nevena Nikolic
Uros Milanovic; Niko Neugebauer
3/21 – 10:10am
Gate 5
Flying High with Data Engineering in Microsoft Fabric
Aitor Murguzur
Luke Moloney
3/21 – 10:10am
Gate 12
Hidden Gems in SQL Server 2022 Database Engine
Ajay Jagannathan
Dimitri Furman
3/21 – 10:10am
Gate 4
Welcome to the world of SQL Copilots
Bob Ward
Joe Sack
3/21 – 12:00pm
Gate 12
Come see your SQL Perfmon in the cloud
Bob Ward
Dimitri Furman
3/21 – 12:00pm
Gate 8
Discover what’s new in Azure SQL Managed Instance through an exciting Demo Party!
Niko Neugebauer
Nevena Nikolic and Uros Milanovic
3/21 – 12:00pm
Gate 11
What You’ve Been Missing in SSMS
Erin Stellato
Drew Skwiers-Koballa
3/21 – 2:10pm
Gate 1
What’s new on the Power BI Roadmap
Mohammad Ali
Rui Romano
3/21 – 2:10pm
Gate 11
Zero to Hero with SQL Server on Linux – DBA & Developers
Amit Khandelwal
Tejas Shah
3/21 – 3:20pm
Gate 12
Building AI ready applications
Muazma Zahid
Sanjay Mishra
3/21 – 4:50pm
Gate 4
Accelerate your Oracle/Mainframe Modernization journey to Azure SQL
Mukesh Kumar
Asad Khan; Des Fitzgerald
3/21 – 4:50pm
Gate 5
Harnessing Data Science and AI in Fabric
Luke Moloney
Aitor Murguzur
3/21 – 4:50pm
Gate 5
What’s new in SQL Tools
Drew Skwiers-Koballa
FRIDAY
3/22 – 9:00am
Gate 12
Modern models of managing database fleets in Azure PaaS.
Bogdan Gavrilovic
Dani Ljepava, Uros Milanovic
3/22 – 9:00am
Gate 1
Your first flight with Data Factory in Microsoft Fabric
Ulrich Christ
Krishnakumar Rukmangathan
3/22 – 10:10am
Gate 1
The Microsoft Data Leadership Panel
Bob Ward
Asad khan, Sanjay Mishra, Muazma Zahid, Alicja Kucharczyk, Mohammed Ali
3/22 – 12:00pm
Gate 11
Data tiering using data Virtualization in SQL
Ajay Jagannathan
3/22 – 1:40pm
Gate 2
JSON – a first class citizen in Azure SQL DB
Sanjay Mishra
Abhiman Tiwari
3/22 – 1:40pm
Gate 8
Advancing the DBA’s Role in the Cloud: In the Cockpit of Azure SQL Managed Instance
Dani Ljepava
Djordje Jeremic and Bogdan Gavrilovic
3/22 – 1:40pm
Gate 6
More for less: Cost optimizing your Azure SQL databases
Aditya Badramraju
Arvind Shyamsundar
3/22 – 1:40pm
Gate 3
Navigating Modern Authentication in SQL
Jordan Hays
Pieter Vanhove
3/22 – 3:20pm
Gate 8
Making the SQL Query Processor Work for you
Derek Wilson
3/22 – 3:20pm
Gate 1
SQL Server and Windows Server Better together on Azure
Bob Ward
3/22 – 4:50pm
Gate 11
Achieve peak performance and availability for your SQL Server and Azure SQL workloads with core engine enhancements
Ajay Jagannathan
Derek Wilson
3/22 – 4:50pm
Gate 12
Extendable by Design: Building Generative AI Apps with Postgres and Vector Storage and Azure AI
Adam Wolk
SATURDAY
3/23 – 9:00am
Gate 12
SQL Server Containers & Kubernetes – Going to Production!
Amit Khandelwal
Tejas Shah
3/23 – 9:00am
Gate 9
Azure SQL DB Data Portability : Mirroring, CDC, Export/Import and DataSync
Rajesh Setlem
Carlos Robles
3/23 – 9:00am
Gate 12
Confidential development with Always Encrypted using enclaves
Pieter Vanhove
3/23 – 9:00am
Gate 10
HADR on SQL Server on Azure VMs: Everything you Need to Know
David Pless
3/23 – 9:00am
Gate 2
Operational insights in your hybrid-cloud multi-cloud SQL inventory outside azure using Arc SQL Server
Dhananjay Mahajan
3/23 – 10:10am
Gate 7
Deep {sky}diving into Data Factory in Microsoft Fabric
Jeroen Luitwieler
Chunhua Gu
3/23 – 10:10am
Gate 11
Perfecting business continuity for Azure SQL DB
Rajesh Setlem
3/23 – 2:10pm
Gate 3
Business continuity of on-prem SQL Servers using Azure services through Arc
Dhananjay Mahajan
Raj Pochiraju
3/23 – 2:10pm
Gate 4
SQL Server on Azure VM – Configuring for Price-Performance
David Pless
3/23 – 2:10pm
Gate 5
The What and the Why of Microsoft Fabric Real-time Analytics
Devang Shah
3/23 – 4:00pm
Gate 4
A Deep Dive into Microsoft Fabric Data Warehouse
Mark Pryce-Maher
3/23 – 4:00pm
Gate 8
Best Practices in PostgreSQL Tuning: Navigating Key Performance Bottlenecks in the Cloud
Alicja Kucharczyk
3/23 – 4:00pm
Gate 1
How to design and build AI applications with vector search using Azure OpenAI & Azure Cosmos DB
Theo van Kraay
3/23 – 4:00pm
Gate 12
SQL Modernization Journey with Tools, Assets & Migration Best Practices
Neel Ball
Ajith Krishnan, Des Fitzgerald
Community Hangar
The Community Hangar is a unique feature of SQLBits, it’s a space where attendees can meet and interact with community groups, experts, and enthusiasts. Find us in the Community Hangar for opportunities to “Meet the PG” or product group – the folks who build the products and features you use every day.
THURSDAY
11:30 – 11:50
Meet the PG: SQL Leadership
Asad Khan, Sanjay Mishra, Muazma Zahid, Ajay Jagannathan, Joe Sack, Tejas Shah, Dhananjay Mahajan, Buck Woody
12 – 12:50
Meet the PG: Power BI with Patrick, Adam & Mohammad
Mohammad Ali, Patrick LeBlanc, Adam Saxton
15:20-16:10
Meet the PG: PostgreSQL in Azure
Alicja Kucharczyk, Adam Wolk, Silvano Coriani
1620-16:40
Meet the PG: Data Platform Security
Pieter Vanhove, Jordan Hays
FRIDAY
11:30 – 11:50
Meet The PG : SQL Server in hybrid and multicloud environments
Dhanajay Mahajan, Raj Pochiraju, Ajay Jagannathan
12:00 – 12:50
Meet The PG: All things Azure SQL DB
Aditya Badramraju, Arvind Shyamsunder, Rajesh Setlem, Dimitri Furman
14:50 – 15:10
Meet the PG : SQL Server on Linux/Containers
Amit Khandelwal, Tejas Shah
15:20 – 16:10
Meet the PG: Developers
Muazma Zahid, Jerry Nixon, Carlos Robles, Abhiman Tiwari
SATURDAY
10:10 – 11:00
Meet the PG: SQL tools
Drew Skwiers-Koballa, Erin Stellato, Subhojit Basak, Carlos Robles
11:30 – 11:50
Meet the PG: Azure SQL Managed Instance
Niko Neugebauer, Dani Ljepava, Nevena Nikolic, Uros Milanovic, Djordje Jeremic, Bogdan Gavrilovic
14:10 – 15:00
Meet the PG: Data Integration
Jeroen Luitwieler, Ulrich Christ, Krishnakumar Rukmangathan, Chunhua Gu
Register today!
To learn more about SQLBits or to register, click here.
Microsoft Tech Community – Latest Blogs –Read More
Think like a People Scientist: Understanding and interpreting your survey data
At Viva Glint, our customers frequently ask us how to ‘think more like a People Scientist’ at key moments in their employee listening lifecycle. For example, how would a People Scientist think about designing a survey or listening strategy? What would they consider when analyzing and interpreting survey results in preparation for a boardroom meeting? Or perhaps, how do they use their skills to influence acting on employee feedback? On February 20th, we were delighted to bring you the first webinar in this series on ‘Think like a People Scientist’ to answer all your questions and more!
During this webinar, Jennifer Stoll (Principal People Scientist), Jason Thomas (Senior People Scientist) and Ben Tankus (People Science Analyst) shared their collective experiences and tips and tricks on how to approach the analysis of employee survey data. They spoke about the importance of understanding the impact of both internal factors (i.e. organizational priorities, organizational context etc.) and external factors (i.e. economic/industry trends) during the analysis. They also explained how to use the different types of reports available in Viva Glint to gather insights, some basic data science principles to be aware of, and how to use survey comments to aid your understanding of the employee experience.
If you missed the live event, watch the recording here. You can also access the slide presentation below which includes a list of further resources to help you.
For other upcoming events in this series see our event listings page.
Microsoft Tech Community – Latest Blogs –Read More
Microsoft Learn for Organizations: Jump-start team technical training
It’s no surprise that organizations, teams, and individuals all need technical expertise to succeed. Since today’s teams have limited time to build new skills for their key projects, there’s an increasing demand for technical training that can be covered in self-directed, always-on, digital resources—outside of the classroom. To help meet these team skill-building needs, we’re happy to announce Microsoft Learn for Organizations—a faster, more focused way to help close skill gaps and drive business success across your organization. This valuable resource features curated collections that help take the guesswork out of learning journeys so learners can apply new skills to quickly unblock projects. And this is just the beginning. We’ll make regular updates to include the latest technology and skills, adding collections, features, and more.
What is Microsoft Learn for Organizations?
Microsoft Learn for Organizations serves as the front door to all that Microsoft Learn offers for learners engaged in team training. It’s your trusted source to get your teams skilled up and ready to power AI transformation with the Microsoft Cloud. Its focus is on streamlining what it takes for teams to gain technical skills to meet project and business goals. Resources include:
AI skill-building resources.
Curated collections (for organization leaders and for learners) that link to:
Learning paths and other self-paced content.
On-demand videos and events.
Gamified learning opportunities and skills challenges.
Instructor-led training (ILT) with Training Services Partners (TSPs) to help learners gain tech skills that translate from the classroom to the workplace.
Credentials, including Microsoft Certifications and Microsoft Applied Skills.
Success stories that explore how organizations achieve and benefit from a culture of learning.
Connections to a global community of learners and experts to help broaden expertise.
Which collections are available?
Microsoft Learn for Organizations includes a number of self-paced collections to help jump-start team training and skill up your teams for success. The initial collections include:
Build and modernize with AI. Help accelerate the benefits of AI at your organization by training everyone on this transformational technology.
Accelerate developer productivity. Equip yourself with essential skills to harness transformative AI tools, fostering innovation and accelerating developer productivity.
Get started with organizational skilling. Explore skill-building resources that you can use to start creating a learning culture within your organization.
Migrate and secure Windows Server and SQL Server workloads. Build the skills to guide your organization’s migration to the cloud with a wide variety of training options for Azure.
Migrate enterprise apps. Discover an extensive array of resources designed to help your organization efficiently migrate enterprise applications at scale.
Migrate SAP. Find out how to support your organization’s SAP migration efforts with a selection of skill-building resources.
Power business decisions with cloud-scale analytics. Uncover the potential of cloud-scale analytics to transform data into actionable insights at enterprise scale.
Transform your organization with skills for business professionals. Find out how to strategically apply Microsoft solutions across your organization, using training to empower business users and leaders.
Who can benefit from this new skill-building resource?
This exciting new self-service resource is for all organizations—for-profit or nonprofit, large or small—that want to train their teams and get the most value from their investment in Microsoft products, solutions, and technologies. It can benefit:
Team leaders who need to upskill team members to unblock key tech projects.
Learning managers who are focused on employee development to help meet organizational goals.
Anyone involved in coordinating training programs (formal or informal) who is interested in reducing barriers to technical skill-building.
All learners, especially those who need to accelerate project outcomes with tailored training to fit their learning styles and their demanding schedules, along with a way to certify and validate their newly gained skills.
Ready to jump-start your team training and help close skill gaps?
When you train your teams, develop a learning culture, and promote continuous learning development, it’s good not only for team members but also for your business. Closing tech skill gaps is one of the best ways for individuals to meet their professional goals and for organizations to meet their business goals—it’s a win-win.
Microsoft Learn offers expert and engaging learning experiences that are relevant to real-world challenges that your team members face every day. And Microsoft Learn for Organizations meets your team members wherever they are in their learning journey, to help them gain the technical expertise they need to thrive, demonstrate their expertise through industry-standard credentials, and validate that their skills remain top-notch.
Go to Microsoft Learn for Organizations, explore the collections and other resources, share them with your colleagues, and join the community. Stay tuned for more details as we evolve Microsoft Learn for Organizations to help ensure that your teams can keep up with changing roles and responsibilities, take their skills and projects to the next level, and help drive project and organizational success.
Microsoft Tech Community – Latest Blogs –Read More
Retirement of RBAC Application Impersonation in Exchange Online
Today we are announcing that we will begin blocking the assignment of the ApplicationImpersonation role in Exchange Online to accounts starting in May 2024, and that in February 2025, we will completely remove this role and its feature set from Exchange Online.
Modernizing Application Access
Historically, when you needed to grant an application access to more than its own mailbox in your Exchange organization using Exchange Web Services (EWS), you had limited options.
Simple delegation worked for one-to-one and even some one-to-few scenarios, but when you needed to grant access to many mailboxes, Impersonation was the way to go. Impersonation provided easy and broad access to many mailboxes, but limited options for scoping resources for access, and limited visibility outside of Exchange.
Today, the Microsoft identity platform / application model is the standard way to build apps that integrate with your data in the Microsoft cloud. Registering your app in Microsoft Entra simplifies deployment and adoption, makes permissions clearly visible, and helps to standardize your integrated applications.
How Does This Affect Me?
All apps must have an App Registration, and when using Application permissions (not Delegated), the app must use a secure credential for access.
When using EWS, you still grant the full_access_as_app Application permission, which provides the same level of mailbox access as ApplicationImpersonation. You can use an Application Access Policy to restrict the resources the application can access. You can also use RBAC for Apps to restrict the resources it can access.
Better yet, use Graph, as EWS is going away!
How Do I Find Accounts Using This Type of Access and What Actions Should I Take?
Use Exchange Online PowerShell to check for accounts that have been assigned the ApplicationImpersonation role:
Get-ManagementRoleAssignment -Role ApplicationImpersonation -GetEffectiveUsers
For EWS applications requiring 1 to many mailbox access, ensure the application is configured properly with OAuth to use App-only access.
Implement resource-scoped access using Application Access Policies or Role Based Access Control for Applications in Exchange Online to control mailbox access as needed for your scenario.
The Exchange Online Team
Microsoft Tech Community – Latest Blogs –Read More
Welcome to the Microsoft Defender Experts Ninja Hub
We’re excited to announce our Microsoft Defender Experts Ninja Hub. We have compiled document guides, videos, and other resources to help you get familiar with our Defender Experts services and stay up to date on the latest from the Defender Experts team.
We’ll update this post as we add resources, so make sure to bookmark this page: https://aka.ms/DefenderExpertsNinjaHub
Microsoft Defender Experts for XDR
Microsoft Defender Experts for XDR is a managed extended detection and response (MXDR) service that triages, investigates, and responds to incidents for you to help stop cyberattackers and prevent future compromise. Defender Experts for XDR delivers human expertise to security teams quickly to help address coverage gaps and augment their overall security operations. The documentation links below provide more information on the service, requirements, and FAQs:
What is Microsoft Defender Experts for XDR offering | Microsoft Learn
Before you begin using Defender Experts for XDR | Microsoft Learn
Get started with Microsoft Defender Experts for XDR | Microsoft Learn
How to use the Microsoft Defender Experts for XDR service | Microsoft Learn
Communicating with Microsoft Defender Experts | Microsoft Learn
How to search the audit logs for actions performed by Defender Experts | Microsoft Learn
Additional information related to Defender Experts for XDR | Microsoft Learn
FAQs related to Microsoft Defender Experts for XDR | Microsoft Learn
Microsoft Defender Experts for Hunting
Microsoft Defender Experts for Hunting proactively looks for threats 24/7/365 using unparalleled visibility of cross-domain telemetry and leading threat intelligence to extend your team’s threat hunting capabilities and improve overall SOC response. The documentation links below provide more information on the service, requirements, and reporting:
What is Microsoft Defender Experts for Hunting offering | Microsoft Learn
Key infrastructure requirements for Microsoft Defender Experts for Hunting | Microsoft Learn
How to subscribe to Microsoft Defender Experts for Hunting | Microsoft Learn
Understand the Defender Experts for Hunting report in Microsoft Defender XDR | Microsoft Learn
Ninja Show episodes featuring Defender Experts
Season 5, Episode 5: Improve your security posture with Microsoft Defender Experts for XDR
Season 3, Episode 4: Defender Experts for Hunting Overview
On-demand event sessions featuring Defender Experts
Microsoft Security Tech Accelerator 2023: Defender Experts in-depth: Running a Modern SOC in the age of LLMs
Microsoft Ignite 2023: Jumpstart your SOC with Microsoft Defender Experts for XDR
Microsoft Webinar: Revolutionize Managed XDR with Microsoft
Microsoft Ignite 2022: Introducing Microsoft Defender Experts for Hunting
Defender Experts videos
Explainer Video: Microsoft Defender Experts for XDR
Explainer Video: Microsoft Defender Experts for Hunting
Video: Adversary in the Middle Hunting Story
Deep dives from the Microsoft Security blog featuring Defender Experts
Microsoft Copilot for Security provides immediate impact for the Microsoft Defender Experts team
Detecting and mitigating a multi-stage AiTM phishing and BEC campaign
Looking for the ‘Sliver’ lining: Hunting for emerging command-and-control frameworks
One way Microsoft Defender Experts for Hunting prioritizes customer defense
Podcasts
Microsoft Security Insights Show Episode 181: Brian Hooper and Phoebe Rogers: A day in the life of a Defender Experts for XDR analyst
Microsoft Security Insights Show Episode 168: Steve Lee, Defender Experts
To learn more about Defender Experts, click here.
Microsoft Tech Community – Latest Blogs –Read More
Defender for Cloud deployment in AWS/GCP – Agents, Resources, IAM and Cleanup options
Objective of the article
The purpose of this article is to provide organizations with a comprehensive understanding of all the agents and resources deployed as part of Defender for Server, Defender for Container, Defender for SQL in their AWS/GCP environment by Defender for Cloud. The article aims to guide organizations on the impact of Defender for Cloud on their environment and what they need to remove when switching Defender for Cloud plans on the security connector. Where possible this article should avoid duplicating information that is already available on Microsoft Learn and focus on providing information that is not publicly available or documented on Microsoft Learn.
Introduction:
Have you ever wondered about the agents, extensions, resources and roles deployed as part of Defender for Server, Defender for Container, Defender for SQL on your AWS or GCP workloads? Have you ever needed to update the selection of Defender for Cloud plans on a security connector for your AWS or GCP environment? This article provides you with a comprehensive understanding of the impact of agents and resources on your environment and guides you on what can be removed when updating the Defender for Cloud plans on a desired security connector.
The following table summarizes Microsoft agents and extensions for CWPP:
Agent
Defender for Servers
Defender for Containers
Defender for SQL on Machines
Azure Arc Agent
✔
✔
✔
Microsoft Defender for Endpoint extension
✔
Log Analytics or Azure Monitor Agent extension
✔
*In deprecation process
✔
Defender Sensor
✔
Azure policy for Kubernetes
✔
SQL servers on machines
✔
Let’s review list of agents, resources and roles per plan and cleanup options
Defender for Server – AWS:
Resource
Type
Creation Phase
Offboarding
MDE – The Microsoft Defender for Endpoint agent provides comprehensive endpoint detection and response (EDR) capabilities
Agent
Post connector creation
For Windows servers instructions: Offboard Windows servers
For non-Windows servers instructions: Offboard non-Windows servers
Azure Arc – AWS machines connect to Azure using Azure Arc
Agent
Post connector creation
SSM – SSM Agent is
mandatory for Arc onboarding
Agent
Post connector creation
Some customers rely on SSM Agent for other purposes so please check it before removal
For removal instructions please check AWS guide
DefenderForCloud-DefenderForServers;
DefenderForCloud-ArcAutoProvisioning;
DefenderForCloud-AgentlessScanner;
IAM – role
Script creation
The role name is customizable –
it is saved within the created connector
The policies associated with the role name should be removed too
For removal instructions please check AWS guide
Defender for Server – GCP:
Resource
Type
Creation Phase
Offboarding
MDE – The Microsoft Defender for Endpoint agent provides comprehensive endpoint detection and response (EDR) capabilities
Agent
Post connector creation
For Windows servers instructions: Offboard Windows servers
For non-Windows servers instructions: Offboard non-Windows servers
Azure Arc – GCP machines connect to Azure using Azure Arc
Agent
Post connector creation
microsoft-defender-for-servers
IAM – service account
Script creation
The service account is customizable – it is saved within the created connector
For removal instructions please check GCP guide
defender-for-servers
IAM – role
Script creation
The role name is customizable –
it is saved within the created connector
For removal instructions please check GCP guide
OIDC –
defender-for-servers
IAM – workload identity pool
Script creation
For removal instructions please check GCP guide
*Defender for Server P2 require Microsoft Monitor Agent (MMA or LA agent) and/or Azure Monitor Agent (AMA) for some features, but since it’s in deprecation phase, please follow these articles for details and offboarding options:
https://learn.microsoft.com/en-us/azure/defender-for-cloud/upcoming-changes#defender-for-servers
AMA removal: Manage Azure Monitor Agent – Azure Monitor | Microsoft Learn
MMA removal: Manage the Azure Log Analytics agent – Azure Monitor | Microsoft Learn
For MMA, please make sure Legacy solutions are removed from Log analytics workspace.
Defender for Container – AWS:
Offering
Resource
Type
Creation Phase
Offboarding
Run-time threat protection
Azure Arc enabled kubernetes- Connects your EKS clusters to Azure and onboards the Defender sensor
Agent deployed on single node
Post connector creation
You can remove Azure Arc-enabled Kubernetes via Azure CLI or Azure PS:
Cleanup Azure Arc-enabled Kubernetes
Running this command will delete all arc related resources including extensions
Defender Sensor
Sensor deployed on each node
Post connector creation
You can remove defender sensor using the Azure portal, Azure CLI, or REST API: Remove the Defender sensor
Azure Policy for Kubernetes – Extends the Gatekeeper v3
Extension deployed on one single node
Post connector creation
You can remove defender extensions using the Azure portal, Azure CLI, or REST API: Remove the Defender agent
Agentless threat protection
S3
Post connector creation
Delete S3 bucket with ARN: arn:aws:s3:::azuredefender-{ AwsRegion}-{ AwsAccountId}-{ ClusterName}
For removal instructions please check AWS guide
SQS
Post connector creation
Delete a queue with ARN:
arn:aws:sqs:{ AwsRegion}:{ AwsAccountId}:azuredefender-{ ClusterName}
For removal instructions please check AWS guide
Kinesis Data firehose (Amazon Kinesis Data Streams)
Post connector creation
Delete a stream with ARN:
arn:aws:firehose:{AwsRegion}:{ AwsAccountId}:deliverystream/azuredefender-{ ClusterName}
For removal instructions please check AWS guide
DefenderForCloud-DataCollection;
DefenderForCloud-Containers-K8s-cloudwatch-to-kinesis;
DefenderForCloud-Containers-K8s-kinesis-to-s3
IAM – role
Script creation
The role name is customizable –
it is saved within the created connector
The policies associated with the role name should be removed too
For removal instructions please check AWS guide
Agentless Container Vulnerability Assessment
MDCContainersImageAssessmentRole
IAM – role
Script creation
The role name is customizable –
it is saved within the created connector
The policies associated with the role name should be removed too
For removal instructions please check AWS guide
Agentless discovery for Kubernetes
MDCContainersAgentlessDiscoveryK8sRole
IAM – role
Script creation
The role name is customizable –
it is saved within the created connector
The policies associated with the role name should be removed too
For removal instructions please check AWS guide
Defender for Container – GCP:
Offering
Resource
Type
Creation Phase
Offboarding
Run-time threat protection
Azure Arc enabled kubernetes- Connects your GKE clusters to Azure and onboards the Defender sensor
Agent deployed on single node
Post creation
You can remove Azure Arc-enabled Kubernetes via Azure CLI or Azure PS: Cleanup Azure Arc-enabled Kubernetes
Running this command will delete all arc related resources including extensions
Defender Sensor
Sensor deployed on each node
Post connector creation
You can remove defender sensor using the Azure portal, Azure CLI, or REST API: Remove the Defender sensor
Azure Policy for Kubernetes – Extends the Gatekeeper v3
Extension deployed on one single node
Post connector creation
You can remove defender extensions using the Azure portal, Azure CLI, or REST API:Remove the Defender agent
Run-time threat protection (AuditLogs)
Container.googleapis.com
Enable API
Script creation
Please note, it might be used by other solutions
For removal instructions please check GCP guide
logging.googleapis.com
Enable API
Script creation
Please note, it might be used by other solutions
For removal instructions please check GCP guide
Data Access audit logs configuration
Settings
Script creation
Please note, it might be used by other solutions
Name of component to disable:
Kubernetes Engine API
For removal instructions please check GCP guide
Pub/Sub Topic
Post creation
For each cluster in a project a topic is created with prefix: “MicrosoftDefender-“
For removal instructions please check GCP guide
Pub/sub Subscription
Post creation
For each cluster in a project a subscription is created with prefix: “MicrosoftDefender
For removal instructions please check GCP guide
SINK – log route
Post creation
For removal instructions please check GCP guide
microsoft-defender-containers;
ms-defender-containers-stream;
IAM – service account
Script creation
The service account is customizable – it is saved within the created connector
For removal instructions please check GCP guide
MicrosoftDefenderContainersDataCollectionRole;
MicrosoftDefenderContainersRole;
IAM – role
Script creation
The role name is customizable –
it is saved within the created connector
For removal instructions please check GCP guide
OIDC – containers
IAM – workload identity provider
Script creation
For removal instructions please check GCP guide
Agentless discovery for Kubernetes
containers
IAM – workload identity pool
Script creation
Please note, this identity been used by DCSPM plan as well
For removal instructions please check GCP guide
mdc-containers-k8s-operator
IAM – service account
Script creation
The service account is customizable – it is saved within the created connector
For removal instructions please check GCP guide
Agentless Container Vulnerability Assessment
containers
IAM – workload identity pool
Script creation
Please note, this identity been used by DCSPM plan as well
For removal instructions please check GCP guide
mdc-containers-artifact-assess
IAM – service account
Script creation
The service account is customizable – it is saved within the created connector
For removal instructions please check GCP guide
Defender for SQL- AWS:
Resource
Type
Creation Phase
Offboarding
Defender Agent
Agent
Post connector creation
Removed automatically on plan change
Removal can be done via Azure Portal in extension tab
Azure Monitor Agent for SQL server – Collects security-related configuration information and event logs from machines
Agent
Post connector creation
Azure Monitor Agent offboarding: Unistall AMA
Azure Arc – AWS machines connect to Azure using Azure Arc
Agent
Post connector creation
Uninstall Azure Arc
Please remove Arc only after defender agent removal
DefenderForCloud-ArcAutoProvisioning;
IAM – role
Script creation
The role name is customizable –
it is saved within the created connector
The policies associated with the role name should be removed too
For removal instructions please check AWS guide
Defender for SQL- GCP:
Resource
Type
Creation Phase
Offboarding
Defender Agent
Agent
Post connector creation
Removed automatically on plan change
Removal can be done via Azure Portal in extension tab
Azure Monitor Agent for SQL server – Collects security-related configuration information and event logs from machines
Agent
Post connector creation
Azure Monitor Agent offboarding: Unistall AMA
Azure Arc – GCP machines connect to Azure using Azure Arc
Agent
Post connector creation
Uninstall Azure Arc
Please remove Arc only after defender agent removal
microsoft-databases-arc-ap;
IAM – service account
Script creation
The service account is customizable –
it is saved within the created connector
For removal instructions please check GCP guide
defender-for-databases-arc-ap;
IAM – role
Script creation
The role name is customizable –
it is saved within the created connector
For removal instructions please check GCP guide
OIDC – defender-for-databases-arc-ap
IAM – workload identity pool
Script creation
Delete: defender-for-databases-arc-ap
For removal instructions please check GCP guide
Note: Microsoft Monitoring Agent (MMA) is being deprecated in August 2024. As a result, Azure Monitoring Agent (AMA) been used, but for customers that still use MMA, removal option:
Manage the Azure Log Analytics agent – Azure Monitor | Microsoft Learn
Please make sure Legacy solutions are removed from Log analytics workspace.
Conclusion: In this article, we have provided a comprehensive overview of all the agents, extensions, and resources deployed as part of Defender for Servers, Defender for Containers and Defender for SQL on AWS/GCP workloads. We have also presented detailed clean-up options for organizations looking to switch their Defender for Cloud plans. While our focus has been on Cloud Workload Protection Plans (CWPP), it is important to note that resources deployed by Cloud Security Posture Management (CSPM) plans are not listed here. As the solution and its features continue to evolve, the resources deployed or impacted by Defender for Cloud may vary between versions. We hope this article serves as a valuable resource for organizations looking to better understand the impact of Defender for Cloud on their AWS/GCP environment.
Acknowledgements
Special thanks to Bojan Magusic for the great partnership and technical review.
Reviewed by:
Lior Arviv, Senior Program Manager
Aviv Mor, Principal PM Manager
Ido Keshet, Principal PM Manager
Maya Herskovic, Senior PM Manager
Bojan Magusic, Product Manager 2
Microsoft Tech Community – Latest Blogs –Read More
Manage the latest versions of Azure Stack HCI with SCVMM
Azure Stack HCI is a hybrid cloud solution that lets you run virtualized workloads on-premises with direct access to Azure services. It combines the performance, security, and scalability of hyperconverged infrastructure (HCI) with the flexibility and innovation of Azure.
As a datacenter scale customer, to take full advantage of these new capabilities, you need a powerful and reliable management solution that can handle the complexity and scale that comes with large scale deployments. To address these requirements, customers can continue to leverage System Center components as the management solution for larger deployments of Azure Stack HCI 23H2 clusters for a select set of scenarios while leveraging Arc based management of HCI clusters for other scenarios.
Supported Azure Stack HCI scenarios with System Center
The following scenarios will be supported in SCVMM to manage Azure Stack HCI 23H2:
Addition, creation and management of Azure Stack HCI clusters.
Ability to provision and deploy Virtual Machines (VMs) on the Azure Stack HCI clusters and perform VM lifecycle operations.
Set up networking on Azure Stack HCI clusters.
Deployment and management of SDN network controller on Azure Stack HCI clusters.
Management of storage pool settings, creation of virtual disks, creation of cluster shared volumes (CSVs) and application of QoS settings.
Migration of VMware and Windows Server based workloads to Azure Stack HCI.
Management of Azure Stack HCI clusters using the same PowerShell cmdlets used to manage Windows Server clusters.
Azure based VM self-serve capabilities and Azure management services through Azure Arc-enabled SCVMM.
Supported Azure Stack HCI scenarios through Azure and WAC
The following scenarios will continue to be supported from the Azure Portal/WAC to manage Azure Stack HCI 23H2:
Creation of Azure Stack HCI clusters.
Register and unregister Azure Stack HCI clusters from VMM.
Upgrading Azure Stack HCI 22H2 clusters to 23H2.
Enablement of Azure benefits on VMs running on Azure Stack HCI clusters.
All operations on Azure Stack HCI clusters deployed with Windows Defender Application Control (WDAC).
All new Azure Stack HCI 23H2 features like GPU-Partitioning, SDN Multi-site, etc.
All Azure Stack HCI features that were previously unsupported with SCVMM like Stretched clustering.
When is the support for Azure Stack HCI 23H2 coming with System Center?
Azure Stack HCI 23H2 support will be added to the next LTSC version of System Center. The General Availability of the next LTSC version of System Center will be closer to the General Availability of Windows Server 2025.
Contact us
The System Center team is committed to delivering new features and quality updates with the LTSC and UR releases at regular cadence. For any feedback and queries, you can reach us at systemcenterfeedback@microsoft.com.
Microsoft Tech Community – Latest Blogs –Read More
Update records in a Kusto Database (Public Preview)
Kusto databases, either in Azure Data Explorer or in Fabric KQL Database, are optimize for append ingestion.
In recent years, we’ve introduce the .delete command allowing you to selectively delete records.
Today we are introducing the .update command. This command allows you to update records by deleting existing records and appending new ones in a single transaction.
This command comes with two syntaxes, a simplified syntax covering most scenarios efficiently and an expanded syntax giving you the maximum of control.
Here is an example of the simplified syntax:
.update table MyTable on Id <|
MyTable
| where Id==3
| extend Color=”Orange”
This command will update all records where Id==3 by replacing the Color column value by “Orange”.
As mentioned above, the command really does a .delete and .append in one go. In this case, it is equivalent to those 2 commands:
.delete table MyTable records <|
MyTable
| where Id==3
.append MyTable <|
MyTable
| where Id==3
| extend Color=”Orange”
The only exception to running those 2 commands is that the append command is run with the state of the table prior to the deletion. Indeed, if you would run those two commands, the .append command wouldn’t do anything since the records with Id==3 would have been deleted by the first command.
This is a good way to show how the same command would be represented using the expanded syntax:
.update table MyTable delete D append A <|
let D = MyTable
| where Id==3;
let A = MyTable
| where Id==3
| extend Color=”Orange”;
The expanded syntax allows you to explicitly define the delete and append queries.
Both syntaxes support a whatif mode where the command doesn’t change the table but returns the expected changes. We recommend always starting with a whatif mode to validate the predicates.
We encourage you to go through the many examples of the online documentation page to familiarize yourself with the syntax.
We believe this new command gives you an alternative for your data pipelines. Many loading scenarios involve updating records. For instance, ingesting new data in a staging table to then update the records of a main table with those new records. This is now possible with the .update command.
The command is in public preview and we are looking forward for your feedback!
Microsoft Tech Community – Latest Blogs –Read More