Welcome back to another episode of AzUpdate. I'm Anthony Bartolo, joined today by Producer Pierre. Producer Pierre, how's it going? I'm good. How are you? Good, good. Yes, it is Good Friday, and yes, it is a holiday. But you know what, we do this show out of the love of doing the show, and we actually have a lot of fun doing it. So we figured, hey, everybody's gonna be home, people will be watching, let's jump on the show. What do you think, Pierre? Yeah, I was just gonna ask you how's your day off, but, you know, I still consider this a day off. I'll probably go, you know, watch a couple TV shows after this, and I got an oil change to do on the truck. So it's still gonna be a day off for me.

Pierre, you've been really busy. I know you've just filmed the new segment. Do you want to talk about it a little bit? Yes, I just had an interview with Dean Wells, the principal PM manager for Azure Automanage, and it went a lot better than I expected, in terms of, like, I had planned some demos and some stuff, and we ended up doing none of that because the conversation was so engaging. And actually, just for your enticement, for a little taste, I figured I'd show you this preview: "But the other stuff, and even this one, the timeline is still up in the air. We don't know when yet. We're not quite done with the endless practices." This is when I pressed the pause button next to your head and inserted the disclaimer. Yeah. And then the... yeah, oh nice. "The opinions expressed in this podcast may not be reflected by Microsoft Corporation." Okay, no, the reason I did that, the reason I wanted to insert that disclaimer, is because we had a wonderful discussion not only on the product itself and what's new and, well, when the preview is and what they're working on, but he gave us a ton of information about what's on the roadmap, what's being prototyped, what's beyond the roadmap, like stuff
that's not even on the roadmap now that they're thinking about doing. So it's gonna be a really cool interview, and I believe it's going to be published next Tuesday, on the 6th. Oh yes, that's why I do stuff like this, because you're sharing Dean's passion for what he does, right? And it's not just, you know, feeds and speeds about "here's all the things you need to know about X". There's the human element behind everything, which is really cool. And that's, you know, what we get to do when we do stuff like this, or even doing the show, you know, AzUpdate. We can express, you know, our feelings behind "hey, this is really cool", what's been implemented, what we're doing. The pause button is so cool.

Is Dean based in the UK, or is he in Seattle? No, he was in Seattle. He's moved to Florida right now. So, okay, he was telling me that they just finished his March break, so he visited Universal, Walt Disney and NASA, I think, in one week. So he was happy to come back to work. That's a lot. I can't wait to be able to go to Universal again, like we used to do when we used to go for a night to get to go on the roller coasters. I don't think you've ever joined me on the roller coasters, though. No, I'm not a... I do roller coasters, but it's your thing. It's not my thing as much. I don't get scared, it doesn't make me ill or anything. It's just, yeah, I'm just looking forward to getting out of the house. Yeah.

Yeah, don't remind me. If you're based in Canada, specifically in Toronto, they announced our third lockdown, which we're currently in right now. So I honestly don't know the difference, because it's like everything has still been, you know, being very cautious, wearing my mask, washing my hands, you know, going to the grocery store.
Sorry, keeping my distance, and I'm still, you know, following all that. It's just interesting that we're in our third lockdown. We do see our friends south of the border getting vaccinated. We're still waiting for that to roll out here in Toronto. It's real. It's coming. It's happening. It's a little bit slow, and they're trying to get everything together. I get it. This is not an easy thing. I'm just, I'm ready. It's going up with this whole thing.

I too have been busy. So I just finished doing a learning path with the Azure Defender team. And I know I talk a lot about IoT on the show, but there's a great opportunity for IT professionals in respect to management and security of the IoT rollouts that are happening amidst these organizations. With the pandemic going on, there's a lot of need for capturing of information outside of the four walls that you're trapped in. And so, you know, IoT has been deployed even more suddenly through the pandemic in capturing of information of the outside world, to ensure that we have all the necessary information for whatever your desired outcome is. I've been actually saying that IoT has been the new hybrid implementation for on-premises architecture and applications, feeding information to the cloud and on-premises as well. So really quickly, if you can flip the screen just to share it, it actually just went live yesterday, which is the Microsoft Azure Defender for IoT full-on learning path. This is really cool because I actually get to work with James M.
Cabe, who is a senior black belt for Azure Defender, to specifically talk about the address been of IoT, the understanding between IoT and OT, so information of things and of things, with, you know, one captures information, one does automation, which is really cool. It's something where understanding where the attack vectors can lie, what you need to look for, what you need to address, and how to, you know, button up your organization when you have that deployment of IoT, to make sure that, you know, it all feeds into a single pane of glass to have an understanding or viewpoint of how your infrastructure is actually running out in the world, which is really cool. That's really cool. I'm gonna have to catch that one.

So the link to this is also provided in the blog post for today on itops.com. So if you want to check it out, and if you have any comments, let us know. Love to add on anything. Actually, sorry, Pierre has a new email for comments as well. I just saw that flash up on the screen. So Pierre will show that again. If, you know, adding comments on to the board is not your thing and you want to send us an email, we've made that available as well. So there it is: ITOps Talk dash feedback at microsoft.com, which is being monitored by us as well, which is really cool. Producer Pierre, should we get into the news? I think we should. All right, so you're up first.
I am. Okay, let me switch to the right scene here, because I still have my producing segment.

So first is the general availability of networking for Key Vault references on Windows in App Services. So it's been possible for a long time for workloads that are deployed on App Service Environments to have access to network-restricted key vaults. And I've always been a big fan of Key Vault. Anything that allows IT pros and operations folks, and developers for that matter, to keep credentials out of code is, for me, really, really important. So now if you've got a workload on App Service Environment, you can now have that workload access a key vault through, let's say, a virtual network service endpoint, meaning it doesn't have to go back out to the internet and back into your key vault. It's, for this, restricted to a non-internet-routed network. So it makes a big difference on that, so your resources can be integrated securely with your key vaults and pull all of the credentials out of your code.

Also in that same release, we now have Key Vault references, which means that the app can use a managed identity. So the app itself becomes a managed identity and can resolve the secrets from the Azure vault and store them in environment variables, which means that your app can refer to them at any time, but they're never written down. They're never stored. So if the app is restarted or stopped, those references go away. So this allows teams to very easily move secrets into a management plane versus a code plane, and makes your application, your workload, your environment more secure. Oh, Anthony, what do you think?

This is big, right? Like, I remember back in the day when developers were writing code and actually putting the password hash right in the code, and then somebody who was smart enough to just go through and decipher the code itself and find the password hash and then start attacking systems with it, right?
The whole aspect of Key Vault, you know, it stops that, it disallows this from happening. I really love making the apps part of the identity piece. I think that's a really crucial part, because then the app becomes free-flowing in that it can run on any device or in any instance but still have the security vector in play, in terms of the authorization to gain access to the data without leaking its code to whoever's trying to use it to do something nefarious with it. It's something where we're strengthening out our security vector for applications to gain access to information regardless of where it resides, but doing so in a mindful way so it doesn't hinder those that are using the application from being stopped to get the info.

And the one thing that you mentioned, the identity part, which I agree is really important. What I do like the best about this part is that because it becomes an identity, you can now assign granular rights to it, so that application is only allowed to read secrets from the vault but not allowed to store or modify the ones that are there. So if the app gets compromised in any way, it's not gonna go and, like, change your password so that other app will be compromised as well. So there's that layer of identity, granularity of RBAC, or resource-based access control, and also pulling the credentials out of the code.
Also, I forgot to mention that that also applies to Azure Functions. So if you're writing Azure Functions, whether it's in PowerShell or in any other language, you can also use those Azure Functions and access that key vault through that network service endpoint. So really important, and if you've got anything to do with security and supporting workloads that require access to the secrets, check it out.

So next up in the news, Alex Simons is back with a net new announcement this week: public preview of AD FS, so Active Directory Federated Services, assignments on Azure AD reporting. This is a big one for us because, you know, in tying into the previous announcement you just talked about, now you have this ability to have a single pane of glass to go forth and gain access to, you know, what federated services are actually logging in to your infrastructure, and having that hybrid view of the solutions that are logging in from, again, that single pane of glass. The advantage of this is that you can actually take this solution and tie it into a SIEM like Azure Sentinel and do analysis on the logs of who's connecting where, and provide that as, you know, additional tools in hunting attacks, right? Who, you know, what application, what federated service is trying to gain access to what resource at certain intervals that is leaking out said information. You know, something like a SIEM application like Sentinel can go through and do the analysis on, and then gain a better understanding of what is the attack pattern or travel through that the attack is trying to have inside of your architecture to gain access to your information.
As you can see, it provides you a full-on visual representation of the login sequence from that federated service into your infrastructure, into your data, and what they're trying to access, at what times, and even from where around the world it is even occurring. So you can see if an application shouldn't be running in another part of the world, why is the access trying to come from that location? Pierre, thoughts?

I love it. I'm always puzzled, because I've talked to some customers over the years and they collect logs out the wazoo. They collect the logs from the firewall. They collect the logs from their AD. They collect, like, all of the audit logs, but they don't really have any process or any tools to really analyze those logs. It almost reminds me of my early days in IT, like my first job, where on Monday morning I'd have to go in a data center and log in to server one and check the Event Viewer for anything that was, like, a red X. After, like, the first 100 lines, your brain's not made to process that. So you need a tool to analyze those logs and actually show you that things are happening. And I find that Azure Defender and those SIEM tools to analyze that are crucial for anybody, especially if you're running in a distributed environment, so if you're not, like, all in one location. You've got logs from a firewall over here. You've got logs from an application over here. You've got logs from AD and Azure AD. How do you make sense of all those and expose
where you've got things that are coming up? So very, very important.

And that's the thing, right? Using a SIEM like Azure Sentinel, or other SIEMs that are out there as well, of course, taking all these logs into consideration, it's like sleuthing tools that you can go through and, you know, you're building out a story of how this attack is occurring, as opposed to, like you said before, pull up this log, pull up this log, do the analysis. There's no, you know, how you try to find the correlation has to be all done manually. A good friend of the show, Regular IT Guy, has joined and says "I love me some logs". We have to behave now, the boss is watching us. So, you know, and that's the thing, back in his day he would have to manually go through the logs one by one. But using a SIEM now, getting all that information, you can really sleuth out, hey, this is the attack that could occur amidst our organization that we need to address and button up.

Yeah, and I find that security professionals also, not necessarily, I don't want to generalize, I have been exposed to some of them that are more worried about the attack itself and not finding out how the attack got in. If you stop the attack and you secure your environment, that's great, like, a hundred percent. But if you don't know what the flow of the attack was, where they got in, then you don't know where your vulnerability was, what allowed that code to actually come into your environment. And that's what, like, Defender, the tools like that will reveal: where is your weakest link? And you can go and address that. Andrew makes mention that
he likes the dashboard on Sentinel because it provides an overview and you can drill down. You know, so you have all this information coming in from the logs, and great point, Andrew, I can actually drill down into the logs to pinpoint the specific attack point in terms of what's going on, based on the information provided by the logs. Let's continue on.

Next up is Azure Cost Management. Azure Cost Management. Yes, Azure Cost Management. Really, it's a series of additional capabilities that have been added to Azure Cost Management this month. One that, to me, jumps out really is to give you tools to prevent exceeding your budget, with forecasted cost alerts, for example. So if you've set a budget, and you start your month and it keeps track of your month, and because of the algorithm it forecasts that you are going to, at the end of the month, be over your budget, you get an alert then, as opposed to getting an alert after you've busted your budget. It allows you to go in and make adjustments, either to your budget, because maybe you underestimated what you are going to use, or you over-provisioned your environment and you're using more than you should. So those tools are very important.

Also, another favorite of mine is now you have new views for your subscription, so you can actually see the cost if you're managing a number of subscriptions. And in my case, so I go to my Azure portal and I go to subscriptions, because of all of the test and sandbox environments
I've got, I've got about, like, 40 of them that are listed. And now with this new view you can actually have a cost analysis view per subscription and even drill down per resource group. So a resource group, as we all know, is basically just a logical container that contains everything that shares the same application life cycle. It's just a logical container. Other than that, it really doesn't do that much. But if your application is all inside the resource group, whether it's the virtual machine, the app service, the database, the networking, everything that's in there, you can actually view that resource group as a specific cost management view. Then you end up with a kind of top-down view of what the entire application is costing you.

Other new functionality is the Cost Management Labs. So with the Cost Management Labs, it's a way for you to get sneak peeks of basically what we've got in, I was gonna say beta, but I mean preview, that are not quite released yet, but it is available in the Cost Management Labs. So you can play with it, you can give us feedback, or give feedback to the product group, and understand how to use the services better for your environment. Some of these enhancements in the Cost Management Labs: you can create up to a hundred different views per scope. So if you've got multiple scopes in your environment, so management groups or subscriptions or... you can have a hundred different views per scope. Also, if you go into one and you're doing some stuff, and then you go away and you come back, it'll actually remember the last scope that you used. I'm really lazy when it comes to that, and I love the fact that when I have a view set up, because I spend a lot of time in terms of, I order it like this and I group it by type, and so I've got my own way of looking at things, and I know we all do, and now you go to another page, you do something else, and you come back and that view is gone. Now it'll actually remember the
last used scope, and not necessarily all of the views and tweaks that you've done, but at least you're in the same scope. Right, and of course they've streamlined the Cost Management menu, which is always a good thing.

Rick actually tells me all the time, why do I have all these tabs open on my browser? And it's for that purpose, right? I've set up the specific reports capturing information for me. If I lose that tab, it's gone. I love the fact that you can now... he's shaking his finger. No? Why no? No, okay. There's keeping tabs open, and then there's you, which is excessive. I have seen your desktop. I think you've got, like, 120 tabs open. Only 110, not 120, and I put extra RAM in to deal with that. And you're wondering why your machine is slow.

So I love the fact that you have that ability to save the view. I love the fact that you have the ability to assign the reporting to business decision-makers, who sometimes don't see what's going on in the midst of the organization. And when there's a cost involved, the whole purpose of the IT pro getting out of the cost center and into the investment center at an organization means a free flowing of information, and so this is a great catalyst to share: this is the expense of what's going on. You can assign this to business managers for each department based on their applications, if you wanted to, for their reporting, to include in their budget. So there's no guesswork in terms of everything going on. It's just the transparency of information in terms of cloud spend that's happening. Yeah, and another shameless plug: the Dean interview with Azure Automanage has a great segment on right-sizing your environment. So next Tuesday, April 6th. Stay tuned, don't miss it. All right, let's continue on the news. This one is an interesting one.
What's new for Microsoft Teams, always a hot topic with IT professionals. A lot of new functionality, and, you know, being here at Microsoft we're spoiled because we get previewed to a lot of things already. The PowerPoint Live is really cool, that you have it embedded inside of Teams as opposed to loading up the PowerPoint client to run the presentation live, or sharing your entire desktop just to show a PowerPoint. Yeah. Yes, and then the live reactions of the thumbs up and the heart and the whole bit, which is really cool. The 20,000-person view for broadcasts, so that's another, you know, possibility for us to even look at in terms of doing the show on Teams, maybe in the future.

But what I wanted to center in on was the management capabilities that have been announced for IT professionals and your governance of Teams. This is the thing: Teams has been huge for a lot of organizations in terms of the pandemic and making sure that people stay connected. So here is something where you're specifically targeting, from an IT professional perspective, your management capabilities. Restricting Windows and Mac managed device sign-in to specific tenants. How important is this, right? I don't want device X to connect in. I want to make sure that you're connecting in via your secured laptop or secured tablet, as opposed to via your phone. I get it, you know, us working from home means that sometimes you have to run out and do an errand and you want to try to take a phone call from that, a Teams meeting from that instance. I've done a lot from my truck, hundreds of times. But sometimes information is too sensitive to have out there in the world, and, you know, you don't know who's looking over your shoulder. So having this type of capability is really cool.

Actually, there was the MVP Summit this week as well. The simple periodic review for guest users was a great one that was showcased, in regards to all the guest users that were coming in for MVP Summit to gain access to
sensitive presentations that were being delivered from Teams, and then have an analysis to ensure that, hey, everybody who is here is who they said they were, and you can review that in terms of documentation and the authentication credentials put forth, which was really cool. I've never seen the use of the word "redacted" as much on Twitter as this week, when all the MVPs were, "Oh, I'm so glad I heard about [redacted]". But it's the thing, though, I love when the MVPs are here, well, in Redmond, when they have the MVP Summit, and it was great just to even have everybody online having open discussions with everybody, just because they bring new ideas to the table, right? They're, you know, out talking with organizations, watching implementations occur, or hands-on with a lot of the implementations, and then they come back to us and share the feedback. "Hey, this doesn't work." "This, you know, this needs to be changed." "This was awesome, should do more of this." And so them participating is important to Microsoft, and, you know, with the information that Microsoft shares, we have to be very careful, and this is one of the tools that are being used for this.

Yep. Actually, on Facebook there's been a message that somebody put in, a link to a recap of Microsoft's best announcements at the MVP Summit day. I'm not sure if this is kosher. I'll have to go see it before... Anyway, we've got four minutes left. So let's move on. Let's move on to the events that are happening.
So our good friends Sarah Lean and Thomas Maurer are coming up with an Azure landing zone Q&A. It's happening next week, on April the 7th. It's going to be a live stream on the ITOps Talk YouTube channel. It's going to be really cool because they're going to answer your questions live that are coming in. So don't wait. Make sure you go to the YouTube channel now, and you can actually start asking your questions in the comments below. Or if you want to jump into the live stream, you can do so as well. Pierre, I know you're excited for this one as well. I think you and I are helping on the back end and answering the questions.

Also, as you know, every day there is Hello World. Hello World, that new daily show. It talks about, you know, the people around the services that are being deployed at Microsoft for other organizations to take advantage of, and it's talking about real-world implementations of those services. So catch this every day at 10:30 a.m. Eastern Standard Time.

Patch and Switch is on the show today, and, you know, hello to Producer Steve, aka Jared Chockley, and Regular IT Guy, aka Rick Claus, who are in the chat room, and a quick hello to Andrew McCullum and to Ackos Batta Fory, I hope I didn't say your name wrong, who are in the chat room today as well. The show Patch and Switch is on today. It's on at noon Eastern Standard Time. Producer Pierre and I are always lurking around in the chat room as well, so they're going to be on there as well. And today Rick can't call us out online for not being at work, because today we're supposed to be off. We're doing this out of the goodness of our hearts. So wait, wait, so AzUpdate does not work, but Patch and Switch, when we attend, is work? Right. No, that's the other way around. Sure about that? All right, all right, move on, move on. We've got three minutes.
Okay, two minutes. Microsoft Learn module of the week. Always important to have this. We love this because we all love to learn. Implement and manage hybrid identity: soup to nuts, all the functionality around identity management, available in bite-size Learn modules with hands-on labs. All completely free. There is no Azure spend when you work on the hands-on labs in this type of implementation, on the sandbox technology that Microsoft Learn provides. Really cool. Do check it out. It's on the ITOps Talk blog post for the link to get to this.

Producer Pierre, the show went by too quickly today. It's been a lot of fun. If people want to get a hold of you, what's the best way to get a hold of you? Get a hold of me at WiredCanuck, right here. And if you want to get a hold of me for some reason, you can also find me at WirelessLife on Twitter. Producer Pierre, thank you for being on the show today. Or at the bottom of the leaderboard on Call of Duty. Wow. My name is not Rick Claus. It's Anthony Bartolo. Okay, I forget sometimes. All right, everybody have a great weekend, and have a great long weekend if you have the holiday Friday and holiday Monday off, and we'll see you all next week on AzUpdate. Stay safe.