 Hi everybody, back again for the next season of From the Rock to Cloud Season 2. And as you know in these series, we talk about, well, all things server, all things on-prem, all things cloud and hybrid, what does that mean? There's lots of buzzwords, lots of technology, things get confusing, so we just try and have a real conversation with an expert. I take the role of the real person who doesn't understand technology, and then we wheel in an expert. And so the whole point of what we try and do is trying to simplify this technology so that it makes sense, so that A, you understand it, B, you go talk about it, go and find out more, and C, so you can go sell it and make some money from it hopefully, or in fact get the benefit of it from your business if you're an end customer. So yeah, so look, you know, lovely to have questions. If you've got any questions, let us know. We're going to be posting this far and wide this season. It's going to be going on Channel 9, well, Fingers Cross, all over the place. So hopefully we get lots of questions, lots of interest in anything you want to know, anything you're like, you know what, I'll just ask those rock to the cloud guys question. Please talk to us, we're more than we're talking to you. So today, what are we going to talk about? As always, server, but things have happened in server. We've just launched a new server. Come on, Thomas, round of applause. Round of applause, thank you. Yeah, I know that everyone in the crowd watching is going absolutely wild with server 2022. But server 2022 is really, it's the tip of the iceberg. I think it's our first proper cloud ready server OS. So that kind of brings together hybrid cloud. And we're going to be talking about Windows Server 2022, hybrid cloud and Azure Arc, which Azure Arc, every time I start finding out about this, it just blows my mind. So hopefully the next 30 minutes we're now going to be catching up with our special guest, Thomas Moira. So is going to blow your minds. So today you've got Tom Tom, and we're going to try and navigate you through Azure Arc in the next 30 minutes. So absolutely, we'll also have those fun elements as always, which I think we tend to have a few memes. We'll just see again if I look stupid, which is what tends to happen to it. So Thomas, over to you again. I know we introduced you many times, but just tell us a little bit about yourself, please. Yeah, first of all, thank you for having me today. I mean, it's, we have really some really cool, exciting stuff I want to talk about today. Yeah, so my name is Thomas Moira. I work as a cloud advocate in the Azure engineering team. And what our role is, is basically to create different kind of content, get feedback from our customers about what is not working, what is working, what can we improve and make better and bring that back to the different engineering team. So I'm obviously not just presenting today. I'm also happy about the comments you have for us and the things which you would like to us to improve. And so yeah, I'm focusing obviously a lot on the hybrid technologies, because I think this is where a lot of our customers are and will be even in the future, where they end up in a hybrid state or they run some stuff in the cloud, but also a lot of stuff on-prem, maybe even different cloud vendors as well. And yeah, with Windows Server 2022, we get some awesome stuff going. Cool. I love talking to you because I learn something every single time. So I'm looking forward to that today, no pressure. But one of the things that we talked about, like pre-talk talk, was you've got some demos. So today's got some exciting demos. So fingers crossed, they all work as well. So there's absolutely no pressure on your talk, Thomas. And thanks for telling us about what you actually do at Microsoft, because again, most people don't know what any of that means. So that's brilliant. So let's jump into today's topic. Let's talk about Windows Server 2022, the hybrid cloud with Azure Arc. So let's not waste any more time. So let's contextualize this, right? So a server is something, and this is the way it's always been, a server is something that you have in a room or it's in a non-prem data center. That's just how it works. But how does it now work with the cloud? How does it now need to work with the cloud? So you bring up a great point, right? Windows Server has always been a great application platform, or even like building your hyper-converged infrastructure or building your infrastructure in terms of active directory servers, exchange servers and so on. That was always and is always been one of the scenarios for Windows Server. But with the cloud in Azure, we also offer to run Windows Server in the cloud. And actually, we offer a ton of different things to make Azure really the best platform to run Windows Server in the cloud with many of our different management features, as well as some special offerings we have there as well. Now, what we learned from that is that, like our customer says, well, this stuff is really great. The stuff we do in the cloud is really great. Let's why not just like, can we use the same stuff to make our on-premises environment better? Meaning taking these management services which run in Azure and then bring that and connecting like service which run on-prem, but I can still use the same tooling and management experience and get all these benefits. So really this time it's really about like running Windows Server on-prem, running it in Azure, but then combining it in a hybrid world. Okay. So it creates that ubiquitous computing. I've learned that word, but it creates that ubiquitous computing environment where you don't have to worry about which bits are where. You can manage it all together and you can manage it in the same way. Right. Got it. So that's pretty straightforward. So that leads to this hybrid state. And another thing that people say all the time is multi-cloud. Right. I've got a multi-cloud environment. I've got a public cloud. I've got a private cloud. I've got clouds with different cloud providers. So what? Yeah. So that is exactly something what's happening. Right. As I talked, I believe that a lot of our customers will end up in a hybrid environment. Right. And a hybrid is not going to just be in between state until they moved everything to the cloud. For many of our customers, there are multiple reasons why they want to run their infrastructure or their application still also on-prem, like combining best of both worlds. These can be data sovereignty reasons, regulatory reasons, networking reasons. Right. We have, I worked with a company who has like different factories all around the globe. Some places they do not really have a reliable network connection. So they cannot have the whole factory standing still because their internet is not running. Right. So they need to have something there to make sure that everything runs. And there are many, many of these examples. And we hear that from customers as well that they will end up in that scenario and actually end up in saying, hey, we see the on-prem value. We see the cloud value. But let us make it help us making it better to combine these two in terms of like making it easy to extend to the cloud, making it easy to take advantage of the stuff we have in Azure and bring that back to the on-prem environment. And again, many others are the vicious as well. And that is what we're trying to address. Okay. Right. So that makes that I'm getting that now. And that makes sense. So server 2022, obviously it's a whole year ahead of right now. So that's something really futuristic. What does it offer when it comes to hybrid? So first of all, let me say like obviously hybrid is one of the big investment areas we have in Windows Server 2022. We really do a lot of stuff. And that's what we're going to talk about in this session. But for everyone who is watching, there is obviously a ton of more stuff, especially when you think about security or like application platform and many, many other improvements. And some of them, we don't even do a good job in all announcing all of these. For example, like Hyper-V nested virtualization for AMD CPUs now and a lot of stuff which is really great, which we have in there. Now, when it comes to hybrid, there's a lot of stuff there. But I want to talk today about three different things. First of all, I want to talk about how we bring actually Windows Admin Center to the Azure portal. Because as you know, Windows Admin Center is our tool to manage Windows Server, which is like you can download it, you can have then a web-based experience to like manage all your servers from that. But if you run stuff in the cloud, you probably don't even run a Windows Admin Center server, right? You probably want to take just advantage of the Azure portal. So that is one thing we're going to look at. The other thing we're going to talk about is Azure Arc, obviously. One has one of my favorite tools to actually connect servers which are outside of Azure. And on purpose, say outside of Azure because they could run on premises, but they could also run even at other cloud providers, right? So we want to bring that management experience to all the servers wherever they are running. Like on any, basically on any place wherever your server is running. And last but not least, I will show you a ton of these management services. And obviously, I make it look easy to set these up, but I have to tell you sometimes. Of course you make it easy. Of course you make it easy. That's why we've invited you. If you did make it easy, you wouldn't be on the show. So of course you make it easy. So I'm being completely honest here. Sometimes, I mean, if you do that in a production environment, there's a lot of things you need to onboard. And to be honest, it's always has been that way, right? You have to think about backup. You have to think about monitoring. You have to think about change tracking, security, and all that stuff. And it doesn't really just necessarily mean it's because of Windows Server. It is basically with all operating systems or all the apps you're running, you need to think about this. So I want to show away how you can use a service in Azure to make that way easier than it was before. OK. Yeah. I mean, look, absolutely. Hopefully it's all about making things easier. That's what I've picked up, right? It's, you know, from a security perspective, you're going to get the latest and greatest security. Right. Get that. But actually, how do we make these complicated scenarios and all that that you talk about? How do we make that easy and manageable? So that makes sense. Right. OK. So you said that we can have Windows Admin Center directly integrated into the Azure portal. That's correct. I'm guessing you can show me that? Of course. As always, I'm prepared, right? The magic of a live demo. Here we go. So this is actually, and again, I hope everyone knows this. This is the Azure portal, right? And what you can see here, I went to the virtual machine page here. You can see I run a couple of virtual machines here, mostly Windows Server, but you can also see that we obviously run Linux as well. And if you click on one of these virtual machines in Azure, for those who probably haven't really worked with virtual machines in Azure, you can see here that I get features to, for example, connect to the machines, restart, stop, and so on. I get additional information. And you can see here on the left side where I'm scrolling, you can see here a ton of additional management services. And we're going to speak about these in just a bit, how you can leverage them as well. But what I really want to show you is here this new one, which says Windows Admin Center. So we offer you all these great tools, right, in Azure to manage like your servers at scale. But in some cases, you really need to go in and maybe troubleshoot even deeper into that server. You need to probably go and have a look at performance monitor or stuff like that, right? So usually you would just go in and you would probably RTP into that machine and then order in the chump post and then open up your management tools or open up your Windows Admin Center you installed there. But why not just like have that in the portal experience? So if I click on Windows Admin Center here, you will see that I already prepared this server to be able to connect. Since this server does not have a public IP address, I can even connect using a private IP address. So when I click on connect, I just need to provide the username and password of that server. If I typed everything correctly, you can now see here that Windows Admin Center is loading. And what you can see here doesn't really look different from Windows Admin Center you can install on-prem. But you can see here on the top, it's actually really running in the Azure portal, right? So that is something I want to show you. And then you get like some overview stuff here. You can see here that like I get the graphs usually, which I have to look at the different types of things which are happening in terms of network bandwidth and so on. And many, many cool stuff here. Yeah, it's very cool. So what we also obviously want to show you, it's nice to look at graphs, right? Especially like in a demo, it always like impresses managers and people. But in host of the show, very important. But what I find very cool is here, we have like tools integrated. So if you now need to manage certificates, or you want to see what certificates you have, you have now a web-based certificate manager in Windows Admin Center. And now with the integration into the Azure portal, you don't even need to go. So you can just go and browse through that experience. Same thing for, let's say device manager, where you can just go and see what devices do you have here. So I have like, for example, if you want to look at disk drives and so on, you have that as well. And a ton of other stuff like event management, users and all the probably the stuff you need. Even a web-based registry editor, right? Which is sometimes can be handy. So if you quickly need to go and change the registry key, you can do that as well. But what I want to show you here is now, especially in the troubleshooting scenarios. So if I now need to go out and say, hey, I need to look at some performance monitors. I can do that here as well. So I can create a new workspace here. I can go and add some of my performance counters here. So in that case, let's do, that's always generates nice graphs. So let's select all. And then let's say, what do I need here? Let's do this. Sorry. Oops. That's not what I wanted. Actually, CPU time. And then I can here have different graphs. I can also say I'm on a line graph as well. I can then join like min max or even do a heat map and all that sort of stuff. Whatever I like to do for this specific tool set and for that specific report, right? So that is something I can now directly do from the Azure portal. I always can also, as I can do with Windows admin center, I can also do like PowerShell Remoting Session directly within that. So I have an interactive PowerShell session. I'm not going to wait for everything to load. I don't want to show you everything, but you get the idea that I can now manage my Azure virtual machine using Windows admin center directly from the Azure portal. So basically everything you can do on-prem with Windows admin center, you can do on Azure. So almost everything, right? There are some like stuff where we don't have integration yet for these different tools, but for the necessary tools, for the basic tools, we absolutely have that, yeah, correct. Right, okay. So with those admin center, managing like a hybrid cloud, multi-cloud environment, it becomes more and more important. So how can Azure help with that then, right? Yeah. So I mean what I've seen now, this is now cool. I can use Windows admin center to really drill down into Windows server to manage that, to do all that. Now, you don't want to probably do that every single day, right? Especially if you have like hundreds or thousands of servers. If you do want to do that at a certain scale, you probably want to like automate processes. You want to take advantage of the management tools and not always go and actually dive into this. So in Azure, as I just showed you before, we have a ton of different management tools to actually do that. Like I showed you the list on the left side with the different things like monitoring, update management and so on. Now, the challenge is that our customers not just running in Azure. They are obviously running Windows server anywhere. Could be on-premises, could be somewhere in a branch office, retail stores, factories, or even other cloud providers. So what we really wanted to provide is like we take the Azure... Look, I just want to just be careful there, right? So we don't recommend you use other cloud providers. I mean, obviously you can, you feel free to, but we don't recommend that. Absolutely. I mean, there's... As I mentioned before, there is absolutely a... Azure is definitely the best place to run Windows Server. But there are reasons why in some cases customers are spinning up Windows Server and other cloud providers as well. And so we want to give them an experience so that they can leverage Azure as a control plane and use those management services. It doesn't matter where the service is. So let me quickly show you that maybe in the Azure form. Yeah, go ahead and show us. Go for it. So when I go here, for example, to all resources, what you can see here, everything in Azure is an object, right? So you can see here I have like virtual networks, virtual machines, I have IP addresses, I have databases, disks, even IP addresses, even public IP addresses can be an object, right? And everything is usually joined to a resource group and it's based in a subscription and you can use cool things like tagging here. For example, for marking your cost center or your department, this application is running on. Now, customers told us this is great to manage stuff at scale. So why not just use this? This resource, Azure Resource Manager, to manage all the resources doesn't matter where they are. And to show you that, I already connected here a couple of servers using Azure Arc. So Azure Arc is really the bridge between the systems, the servers which are running outside of Azure and Azure itself. So I have already, as you can see here, connected a couple of those beforehand. And then I also want to see all my servers. So I also have servers in Azure. So in this case, I scroll down. And if I scroll long enough, you can see here, okay, I want to see my virtual machines, apply that filter. And now what you can see here is I can now see in one view all my servers. So you can see here my Azure virtual machines, but also my servers here, like app 01 and 02, which are servers which are running here in my little data center underneath my desk, right? So this is like a great thing. And then as you can see here, you can use things like tagging to create different filters. So if I want to see all my servers from a specific cost center, I can also apply that. And it shows me like only servers from these three different cost centers. And we get that single view. Now you might say, well, Thomas, this is great, but okay, I mean, I get that you want to show us some visibility, but I need to do more. And one thing I really like is when it comes to like getting a compliance overview, because then I can always see how bad I'm doing. Man, your Christmas at your house must be like seriously, you know what I mean? Well, let's just do a little compliance overview. Christmas morning, love it. I always ask for reports, right? From all my guests about their compliance situation. So here I'm in Azure policy, and you can see here that like for those who don't know what I can do with Azure policy is I can configure my Azure environment the way. I can limit, for example, what people can do. So I can say, hey, you can only deploy in certain Azure regions. I can only deploy a certain size of Azure virtual machines or Azure services and so on. However, what a lot of people don't know, there is something called Azure policy guest configuration. This allows us to audit operating systems of Azure virtual machines. And with Azure Arc now, also operating systems of servers running outside of Azure. So to quickly show you that, I'm making it very fast here. If I already deployed a policy which basically goes out and checks for insecure password settings. So I said, hey, do that's not just for my Azure VMs, do this as well for my servers outside of Azure. So what I want to do here is I would go to compliance view. And now you can see a couple of things. First of all, you can see that I do a horrible chop when it comes to compliance. Secondly, you can see here all the policies I have assigned. And the one I just mentioned, for example, like to audit for insecure password settings, you can now see that here. And you can see here what are actually the rules. So simple checks, like for example, you would also do using group policies with your Windows servers. For example, going out and checking like that the password, maximum password age and path of length and so on, right? A set of rules, which we by the way have predefined or built in once, but we also have a couple of them which you can define by yourself. You can basically write your own rules as well, your own policies as well. But more interestingly to actually look at the rules now is actually to see, okay, what resources are not non-compliant. And so if I click on this, you can now see here that I cannot just see my Azure virtual machines here, but also my server is running outside of Azure and you can see that by the resource type here. So you have Microsoft.comput virtual machines which are Azure virtual machines, and then you have the Microsoft hybrid compute machines. These are servers running outside of Azure. And you can see here both of, like all my servers actually are not compliant with these rules and I should actually go out and fix this. You're not a rule maker, you're a rule breaker. That's what I'm talking about. Yeah, I feel always so horrible when I look at my compliance date. But it makes up for a good demo environment, right? Yeah, yeah, yeah, definitely. Well, okay, so that's cool. We've talked about Azure control plane. We've talked about policies. But once you're on board a server in Azure, using Azure Arc, like what else can you do with it? Because I'm pleased as punch, I've managed to get my hybrid server into my Azure Arc and I'm just like, it's not compliant. Obviously, hopefully we can fix the compliance, but what else can we do? Yeah, no, this is actually an excellent question, to be honest. So if you want to manage, I mean, I know you're always asking the right questions, right? No, so if you want to onboard a Arc server, or if you want to start managing specifically Arc servers, then where you go is like, you would go into Azure portal to Azure Arc. And this is where you basically get everything, like from the onboarding experience from all the different services in Azure Arc we are offering. It's not just about servers. It's also like, for example, Kubernetes clusters, SQL servers, Azure Stack HCI, which we can onboard as existing resources, what we call the Azure Arc enabled infrastructure. But then we can also, for example, go out and deploy Azure services outside of Azure, which is also, by the way, pretty cool. But you asked about servers. So we're going to have a look at the servers here. And you can see here, these are my servers. I actually already connected using Azure Arc. And the way I would connect the server like this is very simple. We even have a wizard which helps you generate a little script to do that. But what it actually does, it downloads the agent, installs that agent, and then connects that agent to the right Azure subscription. So I have done that with a couple of servers here. And if I click on one, let's say this F02, you can see here that it looks like an Azure resource, right? The reason for that is it became a native Azure resource, not in terms where it's running, but it has all the attributes of an Azure resource. So you can see here, it's basically part of an Azure subscription. It's part of a resource group and so on. But you can also see here some additional local information. So you can see here that this one is already running Windows Server 2022, for example. You can see here in the bottom, I use tags to make sure where this server is running. So this is my home, by the way. No worries, it's not yours. But you can see here, I can then actually take advantage of that to sort my resources. Another big benefit now is that I can also use role-based access control. So what I can do is now I can use Azure Active Directory and say, hey, who can actually manage that server from Azure using Azure Arc, right? So for example, if this server belongs to a SharePoint farm, for example, and I want the SharePoint team to be able to manage that, I can provide them permissions using Azure Active Directory, and then they can actually go out and manage that using Azure Arc. And everyone else can manage that server. I can just not allow them to see that server to manage it. I can also provide things like Read Only as well, right? And all the good stuff we have, obviously in Azure. And that provides another benefit. We are now seeing customers taking away the local administrator rights from their big group of administrators and just managing their servers using Azure Arc. Because if you do now something here, like with all Azure resources, you also get an activity so you can then see what actually who did actually do something to that resource. So that is also very interesting if you need to have an environment which where you can have audits and so on and see who did the change to a server. And that will improve your compliance. It will improve your compliance. It will improve my compliance. Absolutely, absolutely. Now speaking of compliance, I can obviously see here on the left side, I have one thing, policies. When I would click on this, I can see now all the policies which are assigned to that specific server, right? You have seen I had a bunch of them, but now if I'm the server administrator, I would only see the policies which are really assigned to this specific server. And you can see here, this is again like auditing the password settings and so on, and I would get that information. Now, I also have some other help here. Really important, I have Azure Security Center onboarded, right? This allows me to use Azure Defender for servers even though the VM is not running in Azure. And then I could also security recommendations for that specific servers, for that specific server. So you can see here, there's a bunch of things I need to do. And if you're not familiar with Azure Security Center, it even gives me a priority state what should I go out and do first. And so those are things I actually should go out and fix for that server. Super easy. It's like basically one click onboarding to Security Center and then I already have that benefit without going through all the rules and create them by myself. Really, Azure Security Center is there to make my things even better. Cool. That is cool. There's more. There's more. There's even more. So I showed you, for example, the Windows Admin Center integration where I can do event log views and so on. Now, this would again mean that I actually need to go into that specific server. And sometimes I just don't want to do that. I don't want to go and remote into a server or use like something. Sometimes I have a server which I don't even have network connectivity directly through it. So what we have is lock analytics. And lock analytics really allows me to do queries of the logs on that system, right? So the logs are uploaded to a log analytics workspace. They're stored there at scale and then you can do queries on this. Now, one thing I usually like to do is, for example, let's go for security events. So I can see then it goes through all the log data of that specific server in terms of security events and I can see what's happening on that system. I can also do other things like performance monitoring and you can see here, depending on what I enable, I can really get more and more out of that. Now, you would say performance log, I mean it's great but now I need to build like my whole monitoring by myself. But of course you can also use Azure monitor. So if I click on insights here you can see here a couple of things I want to show you. First of all, obviously you get the base in performance information. So meaning that you see like disk space usage and so on. You see CPU utilization available memory, disk IOS, disk throughput, latency networking throughput and so on. And you can see here what's going on with that specific system. But you can also set up for example alerts like let's say okay you only want to have if you want to monitor the free disk space on a server, you can set up alerts and then you can get notified using Azure monitor as well. And obviously you can also go like I mean you can now watch that per server but you also have a central place with Azure monitor to centralize you have a look at it. But what I find really cool is the dependency view. Now sometimes you really want to figure out okay what is this server doing? Where is it connecting through? Who is connecting through that server? So in this case you can see here I have my server here. You can see here the processes running but I can also see the clients connecting to that specific application server and then I can also see where is this server connecting to based on the different ports so I can see here some ports are like web ports some of them are remote management ports so if I look at for example port 443 I can see here that this server is connecting for these public endpoints it says like servers but obviously it can also be like some sort of an API. So in this case for example you can even see if I zoom in here a little bit more you can see here that this one connects to the ARC API which is obvious because we installed the ARC agent on that machine and it connects to the ARC API so that shows up here in our monitoring tool as well. Cool that is cool but you know and there is always treasure if there is a map there is treasure and I think just showing us a little bit of treasure. So now I know that customers that are onboarding all of these management tools they are probably thinking there is a bit of work to do right because all of this stuff that Thomas is just showing me looks great but it looks like quite hard work right so I am guessing you are going to tell me it is not but why is it not? Well, so first of all it looks complicated to me so first of all the onboarding of this stuff I have to be honest it is not that hard right I can onboard this and the monitoring pieces, the security center even update management and so on super easily however there are some like best practices I probably should take care of but I still should also be aware that hey what happens if someone changes the setting and it doesn't work anymore what happens then a lot of people are now why would I even be responsible for patching my servers why would I need to be the responsible person for making sure that my server is backed up or this is really becoming a commodity at the end you are running servers not because you want to run servers well I do sometimes but in many cases in all cases you run servers because you want to run an application or a service on top of that and the server is just there as a server what the name says and so what we have to make this easy Azure can take those management activities away from the admins if they need to and no worries if someone now thinks they have gone trust me there is a lot of other stuff which you can still do and you have to do and we are in a very good position so what I want to show you here I'm quickly going back to the Azure portal is a service called Azure Auto Manage and that is where Azure actually provides a management experience and does manage your servers so for example if I go here to Azure Auto Manage you will see that I already have my own board here one is running in Azure it is an Azure virtual machine the other one is an Arc enabled server and you can see here they already configured they are already ready and they are taking advantage of the Azure best practices now I want to quickly mention what are the Azure best practices so if you are dealing with Azure you probably come across the Azure cloud adoption framework this basically gives you resources and guidance when it comes to Azure and this is developed by the product groups by our customers by our field staff and bring all that knowledge together and we basically put that in the cloud adoption framework now you can read about how to configure monitoring how to set all these things up but why not just have a service like Azure Auto Manage do that for you so what I want to show you here is how fast it is to actually onboard the server to Azure Auto Manage so I basically just click on enable auto manage I select the servers I want to manage by Azure Auto Manage and you can see here again it's not just my Azure VMs it's also my on-premises server which I can configure but let's for now take an Azure VM and then I can choose between if this is a dev machine or a test machine or a production machine right in some cases you have machines which they're not really important to a production environment but they still need to be managed they still need to be secured they still need to be like my monitored and stuff like that but you don't necessarily for example need a backup or something like that so you can choose between that and if you want to see all the services which are onboarded so if you click on compare you can see here this is the huge list of services we are onboarding to a production machine think about like monitoring backup security center update management change tracking guest configuration automation lock analytics boot diagnostic you name it right a ton of services and if you then look at test you can see here that some of them drop out because they're probably not worth doing for a test environment but again you can choose if it still needs to be done you can still also select production as well in my case I will go for production and then what I can choose here is the configuration best practices we just talked about so I can select the Azure best practices or I can create my own preferences so if I want to know what I actually can configure so this is for example like the backup frequency I can configure and the anti malware configuration but if I want to do other times again create my own preferences and then I just hit enable and that's it it will then take a while runs a couple of minutes will deploy these configurations and these management services to the server and from there on you don't have to take care of that server in that sense anymore Azure will do that for you wow that is cool isn't it like do you know what I mean like and it is actually pretty simple so if someone wants to be as cool as you and they wanted to find out this stuff where can they go find out more Thomas so we definitely have a couple of links in the documentation which I recommend going through especially for Windows Server 2022 for Azure Arc for Windows Admin Center as well as for Azure Auto Manage there you can find basically all the information I also highly recommend to have a look at the cloud adoption framework where we have all more info stuff about these different hybrid technologies and we have a special guide there especially for customers who work in hybrid environments wow so that was the science part I feel like that's me just pumping my hair I got enough of the advert on this early but let's do the fun part because I know you're normally all about compliance but now we're going to talk about fun so we're going to do our server meme review as always the producers this is a total surprise I've not seen this they love to show humorous and funny memes and generally speaking embarrass me so we've got a couple we've got two memes today and we're going to obviously if you have a meme send us the meme if you comment or ratings on the memes even let us know if it's a good one or a bad one please do tell so let's do the first showcase for meme one let's have a look and let's discuss it okay so not sure if this is a server room I don't think that is a server room it's just like a wall of networking or if it's someone having a spaghetti festival that's not real I have no idea I mean I've seen many many of such pictures and I'm always I believe it could be real it could be real it's just if it is real I don't want to work there I hope and you yeah yeah I don't know I hope it's not but like surely the Azure are kind of know this would mean that they didn't have to have all those cables I mean they've got enough cables there to go around the moon that's ridiculous yep yep especially like it's great that they have all the same color I mean I I'm not sure if different colors would make it even better but that's tough that's that's a rough one that's spaghetti yochan and obviously fry as well right okay so right meme two here we go I'm ready for this one there are no bugs in the Azure cloud there are no bugs there are no bugs no I haven't heard of any no of course of course you're going to say that of course you're going to say that I haven't heard of any yep no but this is where you're on the spot now I haven't heard of it no I mean it's where we have software right there are obviously bugs there's no question but that's also where we have this for example this bug bounty programs where people who find bugs get actually paid if they depending on how big if there's security bug or whatever and obviously we try to work on that so but so we're hunting bugs like in Starship Troopers oh definitely there's a bug bounty yep there is like so if you are someone who works in IT security and you find a bug like a security bug in Azure you obviously report that to us there's an official website where you can make that report and then you can actually go and even get a reward for this because we're happy that people telling us obviously about these bugs so we can actually fix it so that that is something something great we are doing so there are no bugs in the Azure cloud because we've caught them all and paid out on them because we have so many great people looking out for bugs that is what it is that is what it is so I love it if you've got memes if you want us to talk a meme if you want to show an expert like Thomas a meme and then he can tell you how to make money out of bugs who knew you can make money out of bugs we'll find out that official website address as well and we'll put that in the information as well on our recap because like you know what I mean that if you can make money if you can get money from Microsoft then then then do it right so let's just have a quick recap and these are kind of just my sort of takeaways and here we go so hybrid is going to be the end state I think that you know it's not something that's passing through it's not on-premise hybrid cloud it's on-premise and cloud which is hybrid and they're going to work together and there's always going to be some versions of that for probably as long as I live as long as you for many of our customers I'm not saying for all right if you would today build a start up depending on which in which industry it's a different story but yes I think for many of our customers will be hybrid will be an end state cool and then the other one the other little note that I made was about role-based conditional access and the use of policies and actually that I just thought was so smart because what it means is that you can actually cleverly disseminate the right people to the right place on your whole estate and you can control that and then you can improve compliance which is something you need to do which is very important to me obviously in channel but yeah I think this is a fantastic point it's like when we talk about the single control plane obviously the great stuff is like like a lot of people think about is the management tools like how can I do update management monitoring that's all the good that's all good stuff but what control plane also adds on value is for example to have that identity part right after all based access part where you actually can say hey I have a single place where all my identity and permissions get managed which is auditable and where you can see all that and actually improve your compliance as well so I think that is a very important part which you just brought up Brilliant, well thank you so so much Thomas for joining us today I really appreciate it as always I've learned a ton mind officially blown as requested at the start of the episode so thank you thank you all for listening and joining and you know I know like half an hour long time and hopefully you find it useful and you learn something so this episode from the Rock the Cloud is done but keep your eye out right here on Channel 9 LinkedIn, YouTube for the next episode and remember please do let us know if you've got any thoughts of anything you want to see or hear or you know want to talk to you know like you know like that Thomas Moira guy like you know I don't see him anymore just let us know just let us know, that's fine we'll get some beer, no no no we can't replace Thomas because nobody knows as much as he knows so I think you're stuck with us unfortunately but you know we'll see what we can do and so thank you very much from me Tom and thank you very much from me too it was a pleasure to be here today and to talk to you it's always a lot of fun and I always get challenged by interesting questions so I love that and I hope you to see you in another one yeah, no we'll see you in the next episode thanks a lot, cheers, bye