Tag Archives: microsoft
Need Help with a Formula to find difference in cell range
Need help figuring out a formula for calculating weight lost/gained over a cell range. Very beginner level knowledge on my end so I’m struggling with a formula to add/subtract the difference from the starting weight on 3/25/24 in cell C5 to the ending weight on 6/21/24 in cell F5. I need just the total weight lost/gained summed in cell G5.
Example: someone starts at 200, goes to 190, back to 195, then finishes at 185, how do I capture that fluctuation in a formula?
Screen shot below. Thanks in advance for any help!
Need help figuring out a formula for calculating weight lost/gained over a cell range. Very beginner level knowledge on my end so I’m struggling with a formula to add/subtract the difference from the starting weight on 3/25/24 in cell C5 to the ending weight on 6/21/24 in cell F5. I need just the total weight lost/gained summed in cell G5. Example: someone starts at 200, goes to 190, back to 195, then finishes at 185, how do I capture that fluctuation in a formula? Screen shot below. Thanks in advance for any help! Read More
Partner Blog | What’s new for Microsoft partners: April 2024 edition
Over the past few months, we have continued to add benefits and resources to the Microsoft AI Cloud Partner Program to help you and your customers realize the most from our latest technology. These changes have been informed by partner feedback and developed with the diversity of the partner community in mind.
In this blog, you’ll find links to expert insights, redesigned learning materials, and updated benefits to accelerate your growth in the coming year.
Announcements
State of the Partner Ecosystem: Chief Partner Officer Nicole Dezen showcased the latest Microsoft partner business news, changes, updates, and momentum in her annual State of the Partner Ecosystem post on the Official Microsoft Blog. Learn about program updates, including new designations and certifications for partners. Find out how we are equipping partners through AI skilling, and read about partners delivering AI solutions around the world.
New benefits packages: In January, we launched three new benefits packages designed to help partners at various stages of growth to develop their business. Find out which package is right for you by reading more on the partner blog.
Realigning global licensing for Microsoft 365: Last year Microsoft updated the way Microsoft 365, Office 365, and Teams were licensed in the European Economic Area (EEA) and Switzerland. We have recently announced our plan to extend that approach worldwide to ensure globally consistent licensing. Learn more.
Continue reading here
Microsoft Tech Community – Latest Blogs –Read More
Protect Against OWASP API Top 10 Security Risks Using Defender for APIs
Overview
The Open Web Application Security Project (OWASP) Foundation is a nonprofit foundation dedicated to improving software security through community-led open-source projects, education, and transparency. The OWASP API Security Project focuses on strategies and solutions to understand and mitigate the unique vulnerabilities and security risks of APIs. In this post, we’ll dive into how Defender for APIs (a plan provided by Microsoft Defender for Cloud) provides security coverage for the OWASP API Top 10 security risks.
Defender for APIs offers full lifecycle protection, detection, and response coverage for APIs. Defender for APIs helps you to gain visibility into business-critical APIs. You can investigate and improve your API security posture, prioritize vulnerability fixes, and quickly detect active real-time threats.
Concepts
Security recommendations – Recommendations in Defender for Cloud are based on the Microsoft cloud security benchmark. The Microsoft cloud security benchmark is the Microsoft-authored set of guidelines for security and compliance best practices based on common compliance frameworks. This widely respected benchmark builds on the controls from the Center for Internet Security (CIS) and the National Institute of Standards and Technology (NIST) with a focus on cloud-centric security. For a complete list of API security recommendations, see Security recommendations – a reference guide
Security alerts – Security alerts are the notifications generated by Defender for Cloud’s workload protection plans when runtime threats are identified in your Azure, hybrid, or multi-cloud environments. For a complete list of API security alerts, see Security alerts – a reference guide
Attack path analysis – Defender for Cloud uses environment context to perform a risk assessment of your security issues and subsequently identifies the biggest security risk issues. Defender for Cloud then analyzes which security issues are part of potential attack paths that attackers could use to breach your environment. To learn more, see Identify and remediate attack paths
Defender for APIs – OWASP API Security Coverage Mapping
OWASP API Risk
Defender for APIs Security Coverage
Broken Object Level Authorization (API1:2023)
(Security alert) Parameter enumeration on an API endpoint – A single IP was observed enumerating parameters when accessing one of the API endpoints
(Security alert) Distributed parameter enumeration on an API endpoint – The aggregate user population (all IPs) was observed enumerating parameters when accessing one of the API endpoints.
Broken Authentication (API2:2023)
(Security recommendation) API endpoints in Azure API Management should be authenticated – API endpoints published within Azure API Management should enforce authentication to help minimize security risk.
(Security recommendation) API Management calls to API backends should be authenticated – Calls from API Management to backends should use some form of authentication, whether via certificates or credentials.
Broken Object Property Level Authorization (API3:2023)
(Security alert) Previously unseen parameter used in an API call – A single IP was observed accessing one of the API endpoints using a previously unseen parameter in the request.
(Security alert) Unusually large response payload transmitted between a single IP address and an API endpoint – A suspicious spike in API response payload size was observed for traffic between a single IP and one of the API endpoints.
Unrestricted Resource Consumption (API4:2023)
(Security alert) Suspicious population-level spike in API traffic to an API endpoint – A suspicious spike in API traffic was detected at one of the API endpoints.
(Security alert) Suspicious spike in API traffic from a single IP address to an API endpoint – A suspicious spike in API traffic was detected from a client IP to the API endpoint.
(Security alert) Unusually large request body transmitted between a single IP address and an API endpoint – A suspicious spike in API request body size was observed for traffic between a single IP and one of the API endpoints.
(Security alert) Suspicious spike in latency for traffic between a single IP address and an API endpoint – A suspicious spike in latency was observed for traffic between a single IP and one of the API endpoints.
(Security alert) API requests spray from a single IP address to an unusually large number of distinct API endpoints – A single IP was observed making API calls to an unusually large number of distinct endpoints.
(Security recommendation) API Management direct management endpoint should not be enabled – The direct management REST API in Azure API Management bypasses Azure Resource Manager role-based access control, authorization, and throttling mechanisms, thus increasing the vulnerability of your service.
Broken Function Level Authorization (API5:2023)
No coverage
Unrestricted Access to Sensitive Business Flows (API6:2023)
(Attack path analysis) Internet exposed APIs that are unauthenticated carry sensitive data
(Security alert) Suspicious spike in API traffic from a single IP address to an API endpoint – A suspicious spike in API traffic was detected from a client IP to the API endpoint.
Server-Side Request Forgery (API7:2023)
No coverage
Security Misconfiguration (API8:2023)
(Security recommendation) API endpoints that are unused should be disabled and removed from the Azure API Management service – As a security best practice, API endpoints that haven’t received traffic for 30 days are considered unused and should be removed from the Azure API Management service.
(Security recommendation) API Management APIs should use only encrypted protocols – APIs should be available only through encrypted protocols, like HTTPS or WSS. Avoid using unsecured protocols, such as HTTP or WS to ensure security of data in transit.
(Security recommendation) API Management secret named values should be stored in Azure Key Vault – Named values are a collection of name and value pairs in each API Management service.
(Security recommendation) API Management should disable public network access to the service configuration endpoints – To improve the security of API Management services, restrict connectivity to service configuration endpoints, like direct access management API, Git configuration management endpoint, or self-hosted gateways configuration endpoint.
(Security recommendation) API Management calls to API backends should be authenticated – Calls from API Management to backends should use some form of authentication, whether via certificates or credentials. Does not apply to Service Fabric backends.
Improper Inventory Management (API9:2023)
Inventory dashboard – Centralized inventory of all managed APIs and related API security findings.
External exposure – Classify which API endpoints are exposed externally.
Sensitive data classification – Classify APIs that receive or respond with sensitive data, to support risk prioritization, including integration support with Microsoft MIP Purview.
Unsafe Consumption of APIs (API10:2023)
No coverage
API Security Testing
Microsoft Defender for Cloud supports third-party tools to help enhance the existing runtime security capabilities that are provided by Defender for APIs. Defender for Cloud supports proactive API security testing capabilities in early stages of the development lifecycle (including DevOps pipelines). The support for third-party solutions helps to further streamline, integrate, and orchestrate security findings from other vendors with Microsoft Defender for Cloud.
This support enables full lifecycle API security (extending to OWASP API top 10 risks), and the ability for security teams to effectively discover and remediate API security vulnerabilities before they are deployed in production. To learn more, see the following: Partner applications in Microsoft Defender for Cloud for API security testing (preview)
Next Steps
To learn more about how Defender for APIs augments the security offered by Azure Web Application Firewall (Azure WAF) and Azure API Management, see the following: Defender for APIs Better Together with Azure Web Application Firewall and Azure API Management.
To learn more about how Azure API Management helps mitigate risks against the OWASP API risks, see the following: Recommendations to mitigate OWASP API Security Top 10 threats using API Management
Microsoft Tech Community – Latest Blogs –Read More
App Service *.azurewebsites.net TLS Cert Renewal for Web Apps, Functions, and Logic Apps (Standard)
This blog contains information about *.azurewebsites.net TLS certificate changes for Web Apps, Functions, and Logic Apps (Standard). Customers should not be impacted by this change. The scope of services affected includes Web Apps, Functions, and Logic Apps (Standard); Logic Apps (Consumption) and resources hosted on an ASE are not impacted. This change is limited to public Azure cloud; government clouds are not affected.
Every Web Apps, Functions, and Logic Apps (Standard) has its own default hostname that goes by “<resource-name>.azurewebsites.net” where App Service secures it with a wildcard *.azurewebsites.net TLS certificate. The current intermediate Microsoft PKI Subordinate CA certificates were set to expire on June 27th, 2024. App Service used these intermediate certificates in the default TLS certificate *.azurewebsites.net. On March 13th, 2024, App Service renewed the TLS certificate and used a new set of Subordinate CAs while the root certificate remained the same. Due to the distributed asynchronous nature of the renewal process, there isn’t an exact date when the new TLS certificate will be visible to individual Web Apps, Functions, and Logic Apps (Standard).
Terminology and Concepts
Certificate Authority: (CA) An entity that is responsible for the creation, issuance, revocation, and management of certificates. The term applies equally to both Roots CAs and Subordinate CAs.
Root CA: The top level Certification Authority whose Root Certificate is distributed by Application Software Suppliers and that issues Subordinate CA Certificates.
Root Certificate: The self‐signed certificate issued by the Root CA to identify itself and to facilitate verification of certificates issued to its Subordinate CAs.
Subordinate CA: (Sub CA) A Certification Authority whose certificate is signed by the Root CA or another Subordinate CA.
We expect that this change will be a non-event and will not impact customers. However, you may be impacted if an application has incorrectly taken a hard dependency on the *.azurewebsites.net TLS certificate, for example by way of “certificate pinning”. Certificate pinning is a practice where an application only allows a specific list of acceptable Certificate Authorities (CAs), public keys, thumbprints, etc. Applications should never pin to the *.azurewebsites.net TLS certificate. Applications requiring certificate stability should use custom domains in conjunction with custom TLS certificates for those domains. You can refer to the recommended best practices section of this article for more information.
Recommended best practices
Certificate pinning of *.azurewebsites.net TLS certificates is not recommended because the *.azurewebsites.net TLS certificate could be rotated anytime given the nature of App Service as a Platform as a Service (PaaS). In the event that the service rotates the App Service default wildcard TLS certificate, certificate pinned applications will break and disrupt the connectivity for applications that are hardcoded to a specific set of certificate attributes. The periodicity with which the *.azurewebsites.net TLS certificate is rotated is also not guaranteed since the rotation frequency can change at any time.
If an application needs to rely on certificate pinning behavior, it is recommended to add a custom domain to a Web Apps, Functions, and Logic Apps (Standard) and provide a custom TLS certificate for the domain which can then be relied on for certificate pinning.
Note that applications which rely on certificate pinning should also not have a hard dependency on an App Service Managed Certificate. App Service Managed Certificates could be rotated anytime, leading to similar problems for applications that rely on stable certificate properties. It is best practice to provide a custom TLS certificate for applications that rely on certificate pinning.
Refer to our documentation for best practices for Azure App Service for more information.
Microsoft Tech Community – Latest Blogs –Read More
FAQ: Marketplace private offers through CSP?
Q: is it possible for a customer procuring Azure via a CSP (Cloud Solution Provider) to make Marketplace purchases? If so, can this also be a private offer from the ISV (even if it’s likely the CSP managing the subscriptions/billing ID for the end customer)?
I am particularly interested in how the customer will get the ISV SaaS solution deployed at their end (in this case through the CSP who own the subscription).
A: It really depends on the CSP –> customer agreement. Some CSPs charge for purchasing from the marketplace, for others it is free. There are two common scenarios:
1- The customer creates a separate subscription/billing account as “pay as you go” and did the purchase of a private offer
2- The CSP purchased the offer on the behalf of the customer and here they can choose to overcharge or not
Assumed the following:
1- In order to receive a private offer, you need to “own” the billing accountID – usually in this scenario, it belongs to the CSP
2- You still need to be an Enterprise Admin or Billing Account owner to purchase (it is not always allowed by the CSP)
Overall:
The customer should get in contact with the CSP, either getting the right setup or agreeing on the “overcharge”
You should also refer to the following documentation related to this topic:
Video tutorials
Private Offers for CSP Partners Overview
Private Offer Creation by ISVs for CSP Partners
The CSP Partner Private Offer Purchase Process
Q: is it possible for a customer procuring Azure via a CSP (Cloud Solution Provider) to make Marketplace purchases? If so, can this also be a private offer from the ISV (even if it’s likely the CSP managing the subscriptions/billing ID for the end customer)?
I am particularly interested in how the customer will get the ISV SaaS solution deployed at their end (in this case through the CSP who own the subscription).
A: It really depends on the CSP –> customer agreement. Some CSPs charge for purchasing from the marketplace, for others it is free. There are two common scenarios:
1- The customer creates a separate subscription/billing account as “pay as you go” and did the purchase of a private offer
2- The CSP purchased the offer on the behalf of the customer and here they can choose to overcharge or not
Assumed the following:
1- In order to receive a private offer, you need to “own” the billing accountID – usually in this scenario, it belongs to the CSP
2- You still need to be an Enterprise Admin or Billing Account owner to purchase (it is not always allowed by the CSP)
Overall:
The customer should get in contact with the CSP, either getting the right setup or agreeing on the “overcharge”
You should also refer to the following documentation related to this topic:
Configure ISV to CSP partner private offers in Microsoft Partner Center – Marketplace publisher | Microsoft Learn
Video tutorials
Private Offers for CSP Partners Overview
Private Offer Creation by ISVs for CSP Partners
The CSP Partner Private Offer Purchase Process Read More
Running python/flask app on IIS using ASP.Net Core Module handler
Looking for insight into running/flask app using a modern/maintained method.
wfastcgi is essentially deprecated (version 3.0.0 was released 7 years ago).
HttpPlatform handler was replaced by the asp.net core module even before that (2016).
I’ve made some progress using the ASP.Net Core Module handler – but when I try to launch the app I get an error:
Application ‘/LM/W3SVC/1/ROOT’ with physical root ‘C:inetpubwwwroot’ failed to start process with commandline ‘“C:Python312python.exe” C:inetpubwwwrootapp.py’ with multiple retries. Failed to bind to port ‘11905’. First 30KB characters of captured stdout and stderr logs from multiple retries:
Nothing in the python log.
Any feedback appreciated.
Looking for insight into running/flask app using a modern/maintained method. wfastcgi is essentially deprecated (version 3.0.0 was released 7 years ago).HttpPlatform handler was replaced by the asp.net core module even before that (2016). I’ve made some progress using the ASP.Net Core Module handler – but when I try to launch the app I get an error:Application ‘/LM/W3SVC/1/ROOT’ with physical root ‘C:inetpubwwwroot’ failed to start process with commandline ‘“C:Python312python.exe” C:inetpubwwwrootapp.py’ with multiple retries. Failed to bind to port ‘11905’. First 30KB characters of captured stdout and stderr logs from multiple retries:Nothing in the python log. Any feedback appreciated. Read More
Stakeholders AI
amMicrosoft Legal international Organisation and Stakeholders partners for Cloud business.
amMicrosoft Legal international Organisation and Stakeholders partners for Cloud business. Read More
pnp Modern Search – People – Search Source Scope
Hi everyone,
I’m looking for some advice from anyone that has experience of the SharePoint ‘pnp Modern Search’ (v4) tool.
We have a requirement to build a people search which does not search across the tenant ‘GAL’, but instead would search to a more localised scope, for example a SharePoint list within the scope of the site hosting the pnp Modern Search page.
I had a look at the documentation (Create a useful People Search – PnP Modern Search (v4) (microsoft-search.github.io)) and in the section ‘Configure Search Results’ there is mention of a ‘Result Source ID’ which appears to be where the scope is defined. Unfortunately I can’t find more detail than this in the documentation, IE to specify what other sources would be acceptable and if these include a local SharePoint list.
I would like to try and determine the answer for this before configuring and deploying only to find the required functionality is not available.
Thanks very much for your help!
Hi everyone, I’m looking for some advice from anyone that has experience of the SharePoint ‘pnp Modern Search’ (v4) tool.We have a requirement to build a people search which does not search across the tenant ‘GAL’, but instead would search to a more localised scope, for example a SharePoint list within the scope of the site hosting the pnp Modern Search page. I had a look at the documentation (Create a useful People Search – PnP Modern Search (v4) (microsoft-search.github.io)) and in the section ‘Configure Search Results’ there is mention of a ‘Result Source ID’ which appears to be where the scope is defined. Unfortunately I can’t find more detail than this in the documentation, IE to specify what other sources would be acceptable and if these include a local SharePoint list. I would like to try and determine the answer for this before configuring and deploying only to find the required functionality is not available. Thanks very much for your help! Read More
Talk Track for SaaS Azure Platform Validation
Azure Marketplace seeks to make the publishing flow as streamlined as possible. We don’t want lengthy, manual engagements to review a publisher’s solutions to validate if it is built on top of Azure (like others public cloud marketplace do, taking 2+ weeks for review). Toward that end, the new page within the transactable SaaS offer creation flow will capture additional information from the publisher to enable the marketplace team to perform validation that the transactable offer is built on Azure.
Experience
The information gathered will enable post-publish validation that the offer is built on Azure in accordance with SaaS offer requirements for Azure Marketplace. For details on the policy, go here: Azure platform policy for SaaS offers.
The new page is found under the new Supplemental content tab and will act like a survey to gather information about the publisher’s SaaS offer to understand if it is fully hosted in the publisher’s Azure or fits another SaaS model. The information gathered will enable post-publish validation that the offer is built on Azure in accordance with SaaS offer requirements for Azure Marketplace. For details on the policy, go here: Azure platform policy for SaaS offers. If there are any questions or concerns regarding how the solution is built on Azure, a notification will be sent and the publisher will receive a follow up.
This SaaS validation will not qualify the publisher’s offer for Co-sell or make it Azure benefit eligible (MACC eligible), but it will make that process smoother and quicker in the future.
As some policies are validated post-publish, successfully publishing an offer does not mean it has been fully validated to conform with all policies.
The page functions like a survey with dynamic content based on the information provided about the SaaS offer. See the start of the page below seen under the Supplemental Content tab:
As long as the page is completed and the publisher seeks to Review & Publish, the offer submission will not be blocked in the publishing process. The validation will be initiated as the SaaS offer is published and will trigger a review post-publish. SmartCert tooling will initiate notification if there are any questions or concerns regarding how the solution is built on Azure, a notification will be sent, and the publisher will receive a follow up. Note: if a managed ISV has an existing offers that is found to be in non-compliance, the Certification team will work with the PDM/PTS for that ISV on the outreach and next steps.
The page should not show up for non-transactable SaaS offers (i.e., Contact Me listings). If the page does not show up for the offer, then it is not required, and no action is needed for that offer.
Timing
During Public Preview starting January 31, the module will be visible, but the completion will be optional for existing SaaS offers. We have notified publishers on March 1st, and publishers with existing offers must complete this information within 90 days. This module will move to GA and completion will be require for all transactable SaaS offers May 31st.
Support Standard Response:
The Supplemental Content module is now part of the publishing flow for SaaS offers that are intended to transact through the Azure Marketplace. The module will be required to complete publishing for each transactable SaaS offer. If an offer is not a transactable offer, then the information is not required, and the Supplemental Content module will not show up for your SaaS offer.
For new offers, this module will become available when you select the SaaS offer type and setup the offer to be transactable through the Azure Marketplace.
For existing offers, (1) please go to Partner Center, (2) navigate to the Marketplace Offers workspace, (3) review your offers and select a SaaS offer to update, (4) in the SaaS offer select the “Supplemental Content” tab, (5) complete the module, and (6) after you are finished, select “Review and Publish.” The module will need to be completed for each of your SaaS offers and the questions are specific to that SaaS offer.
If the Supplemental Content tab does not show up for a SaaS offer, then that listing is most likely a listing-only offer (i.e., Contact Me), does not require the information, and no action is needed from you for that offer.
This information will be required for appropriate SaaS offers within 90 days of notification (March 1st).
Microsoft Tech Community – Latest Blogs –Read More
Combine FinOps best practices and Microsoft tools to streamline and optimize your workloads
Cloud adoption is not a one-and-done endeavor, but an iterative process. Constant innovation means there are new and better cloud-based solutions available every day. That impacts your cloud workloads and the way you manage them. And as your use of cloud grows, so does the scale of your cloud deployments. If you’re a large enterprise organization, you may have hundreds or even thousands of cloud subscriptions. To keep costs in check, you need to continuously examine your workloads or subscriptions to understand how to get the most from cloud. You need a way to cut through the noise so you can prioritize your attention and resources and focus on your desired business outcomes.
Workload management is the process of defining how your resources are running in a given Azure environment. It means running resources only when necessary and at the level or capacity needed for the active workload. An effective workload management and automation plan can significantly reduce costs by adjusting configuration to match supply to demand dynamically, ensuring the most effective utilization. Are your workloads running all the time or are they running based on your business or organizational needs? Learn to optimize your cloud and build your skills to make the most of Azure. Once you understand how your workloads operate day-to-day you can automate certain processes to keep everything running at optimized levels.
FinOps best practices tie in closely here. FinOps encourages collaboration within your organization, increasing visibility into your cloud investment to all levels of the organization while helping you gain more financial control and predictability to optimize cloud spend.
This blog was written to help you better understand workload management and automation within the FinOps Framework and how to implement it in Azure using specific tools within Microsoft Cost Management and Advisor. Let’s take a closer look at each of these tools and how you can use them in conjunction with FinOps capabilities to understand and forecast your bill, optimize workload costs, and control your spending.
Microsoft Cost Management
Once you’ve begun migrating to Azure, you can use Microsoft Cost Management to continually track and monitor your cloud spending and improve the cost-effectiveness of your current investments. Microsoft Cost Management is available to anyone with access to a billing account, subscription, resource group or management group. You can access Cost Management within the billing and resource management experiences or separately as a standalone tool optimized for FinOps teams who manage cost across multiple scope. For ad-hoc exploration of cost data you can use cost analysis in Azure portal. If you need to integrate with your custom reporting, you can automate cost data exports.
Microsoft Cost Management enables you to access your cost datasets through Exports and the exported data can be analyzed using tools like Microsoft Fabric. Let’s take a closer look at these two tools.
A new and improved Exports experience
Data is important if you want to build and analyze custom reports, but FinOps datasets are often large and challenging to manage. We recently improved the Exports experience to help you streamline your FinOps practice. The new Exports experience, currently in preview, includes automatic exports of more cost-impacting datasets, including price sheets, reservation recommendations, reservation details, and reservation transactions, optimized to handle large datasets while enhancing the user experience.
The new Exports functionality also improves file manageability and reduces download latency. File partitioning, which breaks files into manageable smaller chunks, and file overwrite, which replaces the previous day’s file with an updated file each day in daily export, helps you save on storage and network costs. We’ve also added support for the FinOps Open Cost and Usage Specification (FOCUS) dataset, which combines amortized and actual costs and reduces data processing times. If you want to understand the details of an invoice and the resources that went into those charges, use Exports to download the data into a storage account. Depending on the file size, you can then use a custom reporting system solution such as Fabric, Excel or PowerBI to analyze the data.
Use Fabric to simplify your analytics needs
Once you have the data you want, how do you visualize it, analyze it, and build custom reports? That’s where Microsoft Fabric comes in. Microsoft Fabric is an all-in-one analytics solution. With Fabric, you don’t need to piece together different services from multiple vendors because Fabric offers a comprehensive suite of services, including data lake, data engineering, and data integration, all in one place, giving you a highly integrated, end-to-end, and easy-to-use product designed to simplify your analytics needs. By creating a single platform with tools for every data professional in a unified experience and architecture, Fabric reduces the cost and effort of integrating analytics services.
Fabric also includes Copilot functionalities. With Copilot in Microsoft Fabric, you can use natural language to create dataflows and pipelines, write SQL statements, build reports, or even develop machine learning models. Copilot in Fabric is currently in public preview with Power BI, Data Factory, Data Engineering, and Data Science experiences. For example, in Power BI, you can create reports and summarize your insights into narrative summaries in seconds. In Data Factory, you can simply describe how you want to ingest and transform the data using natural language and Copilot does the rest. When working in a notebook in Data Engineering or Data Science, you can more quickly enrich, model, analyze, and explore your data.
Azure Advisor
Azure Advisor is designed to help you focus your efforts and save time on cloud optimization. It orchestrates and guides your journey to create and maintain well-architected workloads on Azure. Several tools within Advisor can help you optimize your workloads. Let’s take a closer look at them:
Get tailored recommendations with Advisor Reviews
How do you determine how to get the most bang for your buck when it comes to optimizing your Azure workloads? Advisor Reviews, which is only available to those who have field assistance, allows you to apply a set of filters and get automated recommendations to improve each of your resources and subscriptions. And the Azure recommendations under this scenario are personalized even more. A Microsoft representative learns about your mission-critical workloads, analyzes your applications, and manually inputs tailored recommendations to help you improve resiliency. The recommendations are prioritized according to our best estimate of significance to your environment and available through Advisor so you have a single point of entry to view them.
View recommendation details – such as recommended actions and impacted resources – and solution options, including postponing or dismissing a recommendation. If you accept recommendations, you can then check your Advisor Score to see if the changes you invested in improved your score. Periodically return to Advisor to review and implement recommendations to continuously improve your workloads.
Identify gaps with Advisor Assessments
We recently introduced a new Assessment tab within Advisor that you can use to improve your workloads in the areas that matter most to your business. Advisor Assessments is a new experience in Azure Advisor that curates a set of questions about your infrastructure to help us identify gaps and opportunities in your workloads across five pillars: reliability, security, cost optimization, operational excellence, and performance efficiency. This is especially useful for early cloud adopters or early Azure customers. Based on the type of assessment you choose, you will be guided through a series of curated questions about your Azure infrastructure, workload etc. Based on your responses, we will generate tailored and prioritized recommendations to improve your Azure architecture. To use these new assessments, you’ll need Contributor Access on a subscription to take the assessment and Reader Access on a subscription to view the generated recommendation.
Previously, the results of these assessments were available for export where you could work on them offline. Now, everything is available in one place, so you can take assessments on, and receive recommendations directly within, the Advisor platform. There is no limit on the number of assessments that can be taken for a subscription, although you’ll be notified if someone else has already created an assessment for the same subscription/workload. To see all Microsoft assessment choices, go to the Learn platform > Assessments.
Understand where you can reduce spend with the Cost Optimization workbook
The Cost Optimization Workbook brings together all vital information about potential savings and opportunities for rate optimization and highlights tactical recommendations to help you understand how and where you can reduce spend. For example, the workbook will highlight any discounts available to you that you might not yet be taking advantage of. Within the workbook, you can use the Tabs function to focus your cost-reduction efforts in the areas of Compute (including Savings Plan), Azure Hybrid Benefit, Storage, and Networking. Use Filters to focus on a specific workload, apply a recommended optimization directly from the workbook, or share insights with your team.
We’re currently working to bake automation into the workbook for use cases within compute, storage, and networking so you can take an iterative approach to reducing costs. For example, if you find a workload that has virtual machines (VMs) that are not allocated but still incurring costs, the workbook will search for them and send an alert so you can choose to stop it. Not only will the Cost Optimization Workbook provide you an opportunity to find potential savings, but the workload management automation piece impacts other capabilities like your budget and real-time decision-making.
Estimate the cost of creating new or expanding existing deployments with the Pricing Calculator
The Azure Pricing Calculator is a web-based tool that makes it easier to plan and estimate the cost of creating new or expanding existing deployments by providing cost estimates based on the services used. With this tool, you can estimate the cost of running your workloads and explore various configurations of many different Azure services as you identify which SKUs and how much usage keeps you within your desired price range. The calculator also provides a cost estimate for your Azure consumption with your negotiated or discounted prices and strategic pricing offers such as Azure Hybrid Benefit, Reserved Instances and Azure savings plan for compute. The estimate is split into upfront and monthly costs. Your input from the Pricing Calculator can also help estimate the cost of any changes to your deployed workloads. That data can help inform more specific recommendations based on your current usage.
We’ve recently added six example scenarios to the Pricing Calculator, such as “add an enterprise data warehouse” or “add advanced analytics on big data.” Depending on your chosen scenario, the Pricing Calculator will walk you through the pieces you’ll need to build that scenario and the estimated cost. For example, if you want to add Azure Web Apps to deliver value faster to your customers with a continuous integration and continuous deployment (CI/CD) pipeline that pushes each of your changes automatically to Web Apps, you will need a VM, storage, bandwidth, and several services or functions. Once you select those pieces, you can choose how and where to deploy them and apply any savings plans. Not only does the Pricing Calculator help you understand the ingredients you’ll need to achieve your new scenario, it also provides a cost estimate based on your choices so you can better plan your next move.
Reducing costs by ensuring effective utilization
Each of the tools discussed here can be used to enable FinOps capabilities and help you develop an effective workload management and automation plan to reduce costs by adjusting configuration to match supply to demand, ensuring the most effective utilization. In addition, we recently released a FinOps Review Assessment based on guidance from the FinOps Foundation framework that can help you work to align your business with FinOps practices and principles.
You can learn even more about using FinOps best practices for workload management and automation at aka.ms/finops/solutions.
Microsoft Tech Community – Latest Blogs –Read More
Join us at Embedded World 2024
We are excited to invite you to join us at Embedded World 2024, where we will be showcasing our latest innovations and sharing our latest vision for the future of industrial transformation. Embedded World 2024 is the world’s largest trade show that focuses on edge compute and embedded devices and held each year in Nuremburg, Germany.
One of the focal points of the event is our new adaptive cloud strategy, which is designed to help businesses like yours seamlessly integrate cloud technology into their physical operations and stay ahead of the curve in an ever-changing digital landscape. Our adaptive cloud approach unifies teams, sites, and systems into single operations, application, and data model, enabling organizations to leverage cloud-native technology and AI to work simultaneously across hybrid, multi-cloud, edge, distributed computing, and IoT.
At the event, you will have the opportunity to learn more about our adaptive cloud strategy, get hands on training, see it in action, and speak with our experts about how it can benefit your business. You will also have the chance to network with other industry professionals and explore the latest trends and developments in the world of edge and cloud technology.
How can you connect with our experts from Microsoft and our partners during Embedded World:
Connect with us in Hall 5 Stand 353
Visit our booth in Hall 5 to immerse yourself in innovative demos and experiences, connect with product and partner experts on featured products, and meet one-on-one with Microsoft leaders.
Attend sessions at the Exhibitor Forums
Explore the Embedded World Exhibitor Forums throughout the day and listen to Microsoft experts and our partners throughout the 3 days on a wide variety of topics.
Unleashing the Power of AI in EDA for Chip Design
April 9 | 9:00 am
Understanding the ROI of a 5G-enabled factory
April 9 | 12:00 pm
The digitizing physical operations with AI opportunity, for the embedded market
April 9 | 5:00 pm
Customer story: Designing with iMX8 and Windows IoT
April 9 | 5:00 pm
Security fundamentals in Windows IoT Enterprise
April 10 | 9:00 am
Accelerating AI on the intelligent edge: Qualcomm and Microsoft vision
April 10 | 5:00 pm
Windows IoT on Arm
April 11 | 9:30 am
Navigating the IoT Security Regulations Landscape
April 11 | 11:00 am
Unveiling Advantech’s Edge-to-Cloud Journey towards AIoT Fulfillment
April 11 | 11:30 am
Modernize your infrastructure and applications with Azure Arc and AKS at the edge
April 11 | 12:00 pm
Microsoft Tech Community – Latest Blogs –Read More
Meet Microsoft SQL Product Leader – Sanjay Mishra | Data Exposed
Learn about the future of Azure SQL with Microsoft SQL Product Leader, Sanjay Mishra.
Resources:
View/share our latest episodes on Microsoft Learn and YouTube!
Microsoft Tech Community – Latest Blogs –Read More
‘Last Exchange Server’ Scenario Feedback
In April 2022, we released an update to Exchange Server 2019 Management Tools that enables organizations that use Azure AD Connect and sync their Active Directory to manage Exchange recipients without the need for a running Exchange Server on-premises.
If you have one or more Exchange servers that are used only for recipient management (often referred to as Last Exchange Server – LES), you can install the updated tools on a domain-joined machine and shut down your last Exchange Server. For more information, see Manage recipients in Exchange Server 2019 Hybrid environments.
We want to hear from you if the above has been helpful to you and further understand the scope for improvement. We’re particularly interested in learning what obstacles are still preventing the shutdown of your last Exchange Server if your organization does not need full Exchange on-premises. We’d also like to understand your Exchange management scenarios better if you have a hybrid organization (and plan to stay in hybrid).
Please take a moment to fill out the following survey:
https://forms.office.com/r/hMnjGagbGw
Exchange Online Management Team
Microsoft Tech Community – Latest Blogs –Read More
New E5 enterprise license SharePoint access questions
Hello.
how many non licensed users can I add to a group in SharePoint online with my new E5 license?
Can I record incoming phone calls in teams without marking a meeting and recording it?
thanks
Hello. how many non licensed users can I add to a group in SharePoint online with my new E5 license? Can I record incoming phone calls in teams without marking a meeting and recording it? thanks Read More
How to engage nonprofit leaders with AI: Creating organizational alignment across leaders
When I reflect on the many conversations I’ve had over the years about digital, there is a theme which unites them all. So many of these discussions were ostensibly about digital transformation, but they were really about decision making and accountability, and whether there was a vision for change that others could get behind.
These are all key elements of the discussions I’m having with nonprofits about AI. Leadership is the Ingredient X of digital transformation. The need for strong leadership is even more important in the fast-paced world of artificial intelligence.
The subject of how nonprofit leaders are responding to AI is very much on my mind at the moment, as we are gathering data about this across the UK in the survey to build this year’s Charity Digital Skills Report. We want to hear how charities and their leaders are using AI, what they’ve learned about adopting these tools and what they see as the opportunities and challenges ahead. Yes, you’ve guessed it- so much of this comes down to the leadership that nonprofits are getting, or not getting, about AI.
Digital skills at board level and what this means for your nonprofit
One of the things we will be looking at in our report is whether there is a correlation between digital skills at board level and AI adoption. In the UK, digital skills around the board table is a significant and systemic issue.
In last year’s Charity Digital Skills Report we heard that:
For the fifth year running, 56% of charities still need their CEO and board to provide a clear vision of what digital could help them achieve.
In addition, 57% of boards have skills that are either low or have room for improvement.
42% say there is a need for more data informed decision making at board level.
Why are digital skills on UK charity boards so low? In truth this picture hasn’t really changed since 2017 when we founded the report. In the UK, charity board members are unpaid volunteers. Much has been written about the lack of diversity on UK charity boards, with recent research revealing that charities lag behind FTSE 100 companies in terms of board diversity. This means that there is a lack of diverse perspectives on these boards, without which it is harder to form a clear vision for the future.
Age may also play a role here. According to Getting on Board’s research, the average age of a nonprofit trustee in the UK is 60-62. A mere 0.5% of trustees are 18-24, despite making up 12% of the population. So, there is a lack of digital natives on trustee boards.
What this means, for AI and other areas of digital transformation, is that it is significantly harder for trustees to offer the right strategy, scrutiny and support without the skills and diverse perspectives required to futureproof nonprofits. And this is likely to have an impact on speed, scaling and risk management when adopting AI.
I’d love to hear from those reading this outside the UK how these stats compare to your experience, and what might be influencing the trends you are seeing.
How to bring leaders on the AI journey
If you’re in a situation where your board, or your wider leadership team, are wondering what to do about AI, or AI is way down on their list of priorities, this may be due to skills. It may also be the result of a lack of headspace and time to think strategically, given the pressure that nonprofits are under at the moment.
The good news is that there are still many ways you can engage nonprofit leaders with AI. Here are three tried and tested ways I have seen work with leaders:
Demystify the technology. The way that AI is talked about in the media can feel intimidating and inaccessible. News stories often focus on apocalyptic predictions or technical coverage of new products. We need to make AI tangible and real for busy nonprofit leaders. I do this by showing them how AI is all around them and how they are using it every day (even without realising it), for example when unlocking their phone with facial recognition or using predictive text to draft an email.
Show them how organizations similar to theirs are using AI. Leaders are, by their nature, competitive people. So, they need to see what the competition is up to. If you work for a cancer charity, show them how other cancer charities and other health organizations are using AI to deliver better services, make research breakthroughs or fundraise.
Signpost them to resources. This can take the form of blogs, such as this excellent piece on how nonprofits can take their first steps with AI by Kim Brooks, Community Engagement Program Manager in Microsoft’s Philanthropies network. You could even compile a shared list of AI resources for your board and leadership team, focusing on bite sized content which will fit easily into their busy schedule such as blogs, podcasts and short courses.
Next steps for leaders
Where can leaders go from here? You can get your leadership team on the same page with AI by helping them create a shared understanding of the potential for AI, review progress to date and develop their confidence to make the right decisions about AI. We have a free checklist to help nonprofit leaders do this. It’s split into topics that gradually become more challenging, so you can take it one topic at a time if that’s easier.
AI is a huge opportunity for nonprofits and their leaders. It can help your organization reach more people and scale up its impact if you adopt it in line with your values and get your leaders on board with your approach.
Microsoft Tech Community – Latest Blogs –Read More
Customer review: Solgari is an intuitive, quick-to-deploy tool for improving customer engagement
Solgari Contact Centre, an app published to Microsoft AppSource, provides all-channel customer support from within Microsoft Teams and includes AI-enabled self-service options. Microsoft AppSource interviewed Rachell McConkie, Contact Center Product Owner at CallTower, to learn why she recommends Solgari Contact Centre.
What do you like best about Solgari Contact Centre?
What I like best about Solgari is how they are helping our customers to enable all their staff to become customer experience champions. The solution is so simple and quick to deploy, and because it sits within the Teams app, our customers find it really intuitive and easy to adopt and can start enjoying the benefits immediately. Their generative AI copilot is included at no extra cost for the users, which makes it easy for us as a partner to help our customers start their AI journey.
How has the product helped your organization?
Through CallTower’s direct routing and operator connect integration with Solgari, we offer an in-application contact center and communication solution for Microsoft Teams. Empowering our sales team, this innovative approach enables us to offer the native AI-powered customer engagement solution to all Teams users who we are marketing our voice services to. This is currently a market of 25 million users globally, and it’s growing by 50% per annum, so as partners we are focused on a fantastic sweet spot with huge demand for native contact center and customer service apps within Teams.
How are customer service and support?
The service and support provided by Solgari are fantastic! If we encounter any issues or have questions about the solution, we can reach out to the Solgari team via email, chat, or phone at any time and receive a swift and comprehensive response. As partners, we hold weekly sessions to review ongoing opportunities and discuss all of our Go-To-Market activities.
Any recommendations to other users considering this product?
Solgari is an app fully inside the Teams application. Agent workflows will be different than traditional Teams functions when adding the additional Contact Centre platform to their Teams setup. Solgari can be set up very effectively for your agents within days, not months.
What is your overall rating for this product?
5 out of 5 stars.
Cloud marketplaces are transforming the way businesses find, try, and deploy applications to help their digital transformation. Learn more about Microsoft AppSource and find ways to discover the right application for your business needs.
Microsoft Tech Community – Latest Blogs –Read More
Microsoft Automation and Integration day in Toronto!
On April 25th, 2024 there is a unique opportunity to hear the latest about Power Automate and Azure Integration Services in a local event.
This is a free, in-person event and will take place on April 25th in the Microsoft Canada office in Toronto. Registration is required and is available at https://aka.ms/toronto
Microsoft Automation & Integration Agenda:
8:45 am – Welcome
9:00 am –Keynotes
10:00 am – Customers Show Case
11:00 pm – Lunch & Networking (Lunch will be provided)
12:00 pm – Partners Show Case
1:00 pm – Breakout #1/ Breakout #2
2:30 pm – Closing Remarks
2:45 pm – Event Close and Networking
Note: This is an in-person event, there will not be an online component, nor recordings made available.
Learn more about this event here:
Microsoft Tech Community – Latest Blogs –Read More
Logical Networks in Azure Portal for HCI: Setting the Stage for Software Defined Networking
At this past Microsoft Ignite 2023, we officially announced the public preview of logical networks in Azure Portal for Azure Stack HCI. These logical networks, also called LNETs, are traditional VLAN-based networks. You may have noticed that this construct was previously called virtual networks in Azure Portal. After all, if you compare the Azure Stack HCI experience to Azure, a virtual machine always gets connected to a virtual network; thus, why is it necessary to bring in logical networks to Azure Portal for HCI?
In Azure, everything is virtualized, and any customer who is trying to onboard their workloads onto Azure is doing it all on a virtual network. However, in Azure Stack HCI, there are customers who want to put their applications either on a completely virtualized network or on a physical network. In order to create that differentiation, we have introduced logical networks to represent your physical networks.
It’s important to note that in a few months, logical networks will give you the ability to provision network security groups on your logical networks in the same way you can provision them on your virtual networks on Azure. While currently you can attach a virtual machine to a logical network, you will later get the capability to not only provision network security groups to secure your VMs even though they are sitting on regular VLANs, but you will also be able to create and manage software load balancers with SDN logical networks. All these policies will be software-defined with no changes needed on the physical network.
Now, you may be wondering how you can provision Azure-style virtual networks through Portal for HCI… do not worry, because virtual networks are coming soon! The virtual networks that we will be bringing in later this year will function in the same way virtual networks in Azure are currently used; all we are doing is bringing in LNETs first to ensure that we have two different types of networks available and that the other type of network, which is your physical network, is represented.
Ultimately, launching logical networks on Portal was needed to bring our north star of SDN virtual networks that will be coming in late 2024. Logical network support through the Portal is an essential part of SDN in ASHCI, as it allows you to start using SDN with VLANs that you are already familiar with. With logical network support in Azure Portal, you can understand how SDN can provide value to your workloads before moving on to virtual networks and therefore be able to integrate SDN more seamlessly into your networks.
Please check out the demo below showing the logical network experience in Azure Portal. In this demo, Azure Stack HCI Senior PM Varun Lakshmanan demonstrates how to create a static and dynamic logical network as well as provision a virtual machine on a logical network in Azure Portal for HCI.
We are so excited to finally bring in logical networks, and we hope you can reap the benefits of LNETs in the Azure Portal experience for HCI. Please look forward to additional security benefits added to LNETs with network security groups as new SDN capabilities are added later this year. As always, please feel free to give us feedback on your SDN experience by emailing sdn_feedback@microsoft.com. We hope to continue improving our product and your experience in any way we can!
Microsoft Tech Community – Latest Blogs –Read More
Partner Blog | Partner Center Technical Corner: March 2024 edition
In this month’s edition of Partner Center Technical Corner, we’re covering the updates that will help you and your organization be more efficient, informed, and secure. It begins with a spotlight on the power of AI, then covers calls to action and before diving into the latest releases. As always, at the end of the blog you’ll find the most up-to-date technical roadmap and essential Partner Center resources.
Continue reading here
Microsoft Tech Community – Latest Blogs –Read More
Feel empowered and ready for AI with our new webinar series!
On Thursday March 14, the Viva People Science team kicked off our new AI Empowerment webinar series, designed to help you feel empowered, excited and ready for AI in your organizations. In this first webinar, we heard from Carolyn Kalafut (Principal People Scientist, Viva People Science), Gogi Anand (Business Value Manager, Copilot Growth), Melissa Barry (Head of Customer Empowerment, Viva People Science) and Hao Lui (Senior Product Manager, Viva Glint).
The presenters shared tips on how to roll-out AI in your organizations and other useful Microsoft resources on AI readiness. We then heard more about our developments in AI and Copilot in the Viva Glint product.
If you missed the live event, you can watch the recording and access the slides from the session below.
Join us for the next event in this series: AI Empowerment – The game-changer for the employee experience.
Microsoft Tech Community – Latest Blogs –Read More