 Hey everybody and welcome to this live ask me anything or AMA or Q&A or whatever you want to call it this morning My name is Sarah and I'm joined by my colleague Sonya. Sonya. Welcome to the show today Hey, Sarah. Thanks for the invite So we're having a bit of a weird time zone thing because I'm in Scotland and you're in Australia And it's currently 10 a.m. For me and it's what time for you Sonya. Yeah, so it's 8 p.m. Here It's been a long day. The kids almost ready for bed I've got a nice relaxing glass of my sparkling mineral water To close off the end of my day because they don't drink it's been a big one But no, it's always nice to find these little windows of opportunity where our time zones overlap enough to not be terribly Probably inconvenient for both of us Yeah, because I think this is probably the first time you and I have done Something live or something together outside of team meetings for a while now because of the weird time zone difference So it's definitely nice to work together for a change rather than Send meetings Absolutely, and that's because we didn't need to invite the Americans this time right because the North Americans I know what time it is for them right now trying to get the three parts of the world together is Impossible without inconveniencing somebody but now it's great to get together. I know I think sometimes when I'm talking at presentations I introduce our team and I say that we are a truly global team because I think we live in Different seven different locations and we skip span like seven different time zones or something crazy like that for the eight of us So, yeah, it definitely makes our meeting schedules challenging Yeah, what's an IT pro always an IT pro right? It's that follow the Sun model Absolutely, and so today's show is all about Answering community questions and this is kind of a follow-up from the event that our team did on the 2nd of February That we launched IT ops talks all things hybrid and we wanted to try and keep the conversation going with the community And the goodwill that we had with everybody For those that didn't catch your event or aren't sure about what it was Sonya Could you give them a bit of a debrief about what it was we actually did earlier this month? Yeah, absolutely And so we've been taking on board the feedback from the community and looking at how things are going in the online event space It's certainly different to be able to get together in person And there are pros and cons to being able to see content that you might not have been able to have traveled to to go and see But at the end of the day, it kind of feels like a big webinar And everyone's getting this online fatigue of watching presentations So a team decided to try something different We went out to the azure engineering experts the ones that represent our product groups in redmond and Talked to them about some deep dive technical topics And so we gave them the Ability to talk about what they wanted to talk about for as long as they wanted to talk about this was not a short Format 30 minutes here. This was an opportunity to really get deep into some of those Concepts and we recorded these interviews and these demonstrations with these experts and then release them as a series of videos So that you could literally choose your own agenda You could watch the topics that interested you when you had space in your calendar and you weren't Fighting production server outages. Hello again. I see pro life And then as well as that we spun up a discord server. So we had a discord server running prior to the event We set up a whole bunch of different channels so there was one channel per session And you could come in and out of those channels and chat about that particular session Ask the speaker some questions and get some answers and Find that place to make those community connections talk to people who were interested in the same things that you were But as I said at a time that was convenient to you and as we mentioned about all of our time zone spread It was an experiment to see if a format like this would work for our communities Yeah, and I think that's the great thing I saw on twitter today Someone had watched one of the session recordings even though the event the event was two weeks ago And they really got the value at it. So it's great that the content's there and you can dive in whenever you want I filmed one sessions for the event. I filmed a roadmap session on Windows virtual desktop So that was pretty cool to see where we're going with that product because it's been I think for a lot of companies a lifesaver to be honest during the pandemic And I actually talked about that in my session with tom hinkley You did a few sessions those on you. How many did you do was it four sessions that you recorded with orin? Oh, look, I think orin and I did five between us But you know it was the content was just amazing. So we talked with ned pile about securing smb And smb is one of those little protocols that I automatically associated with file shares, right? And when ned gets into the depth of what else uses the smb protocol I was like sort of mind blown about the fact that he was talking about things like the net log on and the sysfoil Shares being open and any windows computer will look for domain control was to go and connect to those shares And so there's nothing stopping somebody in the coffee shop spinning up a Rogue windows server that any of the other windows PCs on that coffee shop network You're going to go and look at and try and connect to like that's the kind of scary things That he was talking about so that one was really interesting Ben talked about virtualized and hybrid backup and that's been unstrong that took me back to the days of listening to a vendor presentation talking about volume shadow copy and the volume shadow copy service and how that In essence pauses the rights of the file so that the backup service can take a clean snapshot Of the data for the backup and then tells the service to to go ahead and do all the reading and writing again to disk He went through like how that evolution of that started from the early days of windows server Right through to supporting hyper v and now how we use some of those concepts and we scale it into asia So what it's like architecting it from an asia perspective where the scale of virtual machines You know on hyper v vms that we're backing up now across that platform is just Insanely huge and so that was a really interesting one as well. Look um Steve cyphus. That was another good one. So windows authentication internals in a hybrid world I learned things about the login process today and even you Including the process for you logging into a computer with windows. Hello and what actually happens in the background like where that Authentication process actually takes place on your local computer and the fact that with the fast login process It's going to log you on locally to that computer Before it's even gone to the server and gone to the clouds So you haven't done the authentication into those two different environments yet. So You can get to your desktop and I remember you know back in the olden days and we had like Windows NT for it and the login process you literally would type in your password and go and make a coffee It would be that slow to kind of log on to the network And so to see what the windows team have done with speeding up that process to get people to the desktop as fast as possible And then have all of the other authentication happen in the background It was really mind-blowing But that just sort of speaks volumes to the technical depth and nitty-gritty that we were getting into that I think the it pros love to hear about and we don't get so much these days is that really deep deep technical content And I think the great thing about some of the conversations we were having is they relate to both on-prem Data centers and the cloud, you know, there's there's very much a crossover between those skill sets that we need to have nowadays You know backup something that regardless of where your your workloads reside you need to take care of so understanding how all that works It can help you understand when you're troubleshooting I think we've all had to troubleshoot backups that have failed and stopped and we don't know understand why So understanding the underlying technology is always great as well Yeah, and I do I do wonder how much of that we're passing on to the next generation of it pros when I first started in the industry One of the the guys in the team actually sat down with a white board and taught me about tcpip addressing All right, and you're right building up that foundational knowledge of those core components of the infrastructure Certainly helps with your troubleshooting skills when things go wrong It makes it easier to eliminate things that may be more obvious And I I do just hope that the next generation of it pros that are coming in especially now that they're learning cloud You know, they might not be going to that level of depth because the cloud provider looks after it all so I wrote an interesting post on our team blog about cid annotation and how that works for tcpip addressing just to help Fill in the gaps of some of that foundational knowledge Oh, yeah, I think networking networking was something that I Used to know a bit about I used to have a team of people that looked after the network when we did on prem data centers Now when i'm setting up stuff within azure, i'm constantly having to use like an internet search provider to try and find how to do Subnetting and what does a slash 24 give me and when should I use that a versus all the other different ones Those core technologies don't leave you although I seem to have lost some of the skills in my memory bag But you know they still translate so networking is this just the same So yeah, it's there's there's tons of things We've actually got a question from one of our viewers Sonya and i'm not sure if you know the answer to this They're saying that they're brand new to azure security and they want to check if there's a lab or a sandbox for azure Sentinel within microsoft learn. Do you know if there's something specific in there? That's a really good question. I don't think that there is this I don't think that the microsoft learn a sandbox supports the azure sentinel capability What happens behind the scenes with that sandbox is you're basically spinning up a temporary A temporary environment inside of microsoft's azure environment and because of that there are certain things that we can and can't allow people to do in that sandbox Some some of the riskier things like some of the identity The identity things in the premium levels We just couldn't have people changing that in these test environments Even though they are these temporary test environments, so there's sort of certain levels of protection I don't think that sentinel yet Is one of the things that these sandbox supports unfortunately It's interesting though, but if you let me know what sort of functionality you were interested in because I had a conversation with somebody about We were talking about the fact that azure active directory is one of the sources you can ingest into sentinel And they're like cool the documentation will tell me how to set that up But then what would I do with it and one of the challenges when you want to go and test stuff like that is It usually does require some data to be in there if you actually see what that looks like Like it's really hard to investigate a threat if you don't actually have a threat trigger in the data to investigate So as a cloud advocate, I have access to some internal testing environments that are pre-set up with data to help us Build demos and and things like that to to show customers So if there's any particular things that you're interested in that you can't find in the Documentation or in the ms learn sandbox. Let me know we might be able to demo something up and get it published Awesome. That's it's good to know it's good to know that Um, we're a great conduit for adding resources into mix of learn because I think both of us have been involved in either reviewing content or writing content or making videos for mix of learn So definitely give us your feedback in terms of that. I do know that the azure security center team have released a kind of um additional lab Um that you can work through so it's hosted on github. I can't remember quite the links I'll need to dig it out But what they've done is they've given you kind of a step by step Guide on how to set it up how to maybe trigger some alerts all using the free 30 days that you get with azure security center So that's another great resource You do have to sign up for an azure subscription But if you use the free license within azure security center and work for the lab within the 30 days It doesn't cost you anything additional. So that's another resource to look out for Um, Andrew's got another question about where should people look if they're brand new to azure? Should it be microsoft learn? Should it be something else? um I think we're probably both going to see the mix of learn Fundamentals path is a great one because I think you wrote some of that sonja And I think I've got the views embedded in it. So we might be a little biased there Look, we are but the interesting thing about azure fundamentals azure fundamentals on microsoft learn got an update just before christmas because The exam objective domain was changing. So the az 900 exam the azure fundamentals exam Did have a bit of a content change and we wanted to make sure that the materials online that people could use to self study for that Obviously reflect reflected the new way of doing things It used to be just one learning path inside learn and then we split it out to about six different learning paths I think that focused on the different areas Part of that azure fundamentals learning path is an introduction to the different services inside azure So that just helps you get familiar with the names of things and what they do And when you use one service over another but the very first couple of learning paths Really give you that foundation for a lot of the terminology that you'll see all throughout microsoft learn No matter what it is that you want to learn on azure So you'll learn about the difference between a subscription and a reasal script for example And once you start to get your head around that terminology It does just make it easier to go into different paths of what you're interested with its Database or security or development or some of the infrastructure stuff It really is just setting that scene for more of the cloud jargon. I guess to get you familiar with it Yep, and I've been using actually microsoft learn this past week to study for an exam next month And it's been covering off security fundamentals across azure and microsoft 365 Although they're kind of separate products There's also an interlap between some of the things that they do Obviously identities the big piece that link them together, but there's a lot of Things that are similar I learned yesterday for example that we have a customer lockbox within microsoft 365 Which if you're having an issue you can approve one of the microsoft engineers to have access to your data for a limited time to help you troubleshoot That problem. I knew that existed in azure, but naively. I didn't realize we also had it for microsoft 365 So I learned something new and so yeah, there's a there's great content there and can teach even old dogs like me new tricks And orange actually popped up in the chat who's one of our teammates And he's saying that there is something in mix of learn that helps you deploy Sentinel using an arm template. So that might be an option to have a look at as well um, so I know you've had a busy week. So and yeah, can you share any of the projects or things that you've been working on this week? Or are they all hush hush? No, look, I've had a very public week this week microsoft australia have been running a week called the cloud skills bootcamp Which has been a number of sessions. Some of them have been Pre-recorded and they've done a live chat moderation and they've answered questions in the chat as the recording is played And they've also been doing some live q&a ask the expert type stuff And I also did a particular session aimed at students Which was an azure fundamental style on the difference between infrastructure as a service platform as a service and software as a service Which is something that and newbies get confused a little bit in terms of the the differentiations between those and and where their responsibilities lie But the cloud skills bootcamp was really interesting the one that I did today That asked the experts live was preparing for cloud adoption. So I know that that's topic That's very close to your heart to sarah with the cloud adoption framework And helping people navigate the sort of things that they really need to think about getting in place or the questions that they need To be asking at an organization level Before they log into the azure portal and hit that create new resource, which is so easy to do But that planning stages beforehand to make sure that your goals your stakeholders are on board Is really really vital. So that was a good little session Yeah, cloud adoption is something that I talk about all the time I I mostly tackle it from a migration path kind of process So when you're moving um all your on-prem work loads up into the cloud And I think like you rightly like you said people get so excited about the technology piece that they often forget about all the processes And the people that are involved in the success of these projects I think I often talk about how the fact that you need to engage with your business Make sure you're speaking to your business owners and understanding how your changes to the technology are going to affect them And how they operate And also talking to your people the people in your it department Lots of people might already be Aware of the cloud and be up skilled on that and be doing lots of extra learning But you've also got to take them on that journey as well because If you move all your resources from a place where you know how to do it You can physically go and touch them to a place where you don't get access to them physically And then you end up having to run about trying to support these workloads in a place where you don't even know how to log into Or log a support ticket. It's not going to be a fun journey, right? I think we've probably both seen customers do that my great workloads up into the cloud and then not really understand How to work in the cloud as such and do your operations. So Yeah, it's it's definitely an interesting journey It is and I think a lot of that is is trying to figure out what those responsibilities are because You know, there is this perception that the cloud is easy. Just put it in the cloud It's all looked after and you know Microsoft does everything for you and that's all great so much so that we went through this period and still get it Sometimes where people are going Is it pro still a valid career? Like are we going to disappear because the cloud is now a thing and all the workloads are up in the cloud And when I think back to the start of my career And versus what I do now The things that we do are very similar. We just do them in different ways And so when we used to spin up machines and servers, you know, we used to Copy files for DOS PCs from one PC to another or we'd use ghost and we'd clone images for example So now we've got different tools to do that same kind of stuff security still security And there are a few extra things to worry about now But we've got extra tools to do it too and I this job has always changed It has never been the same in all of the years that I've done it and cloud really is just an evolution of that But it does take time for people to kind of find their place with this and try and figure out What it looks like to operate workloads in the cloud and then coming back to our hybrid theme What about when you've still got servers on prem as well and and how does that look like to be wrangling two different Environments and and what can we do for consistency and ease of management with one tool set across those as well So these are kind of the you know, the big questions that the it pros are today trying to figure out Absolutely It's about that ease of management as well when you have your workloads split up into three four different locations And I was actually playing with windows admin center yesterday and looking at the The I am definitely jealous like in the days gone by and you're probably the same as on you when you were managing hundreds of servers You would probably have hundreds of mmc windows open rdp windows open and maybe different laptops to get into different subnets and It was a nightmare trying to manage all of that and windows admin center brings it all into one place And you can have one window open and do your job. I'm I'm very much jealous I'm almost tempted to go back to being a server engineer and managing servers Just to barely use it Um, but that's a great tool for doing that management And it's not just for looking after your windows servers that has that hybrid Kind of technology because you can configure your azure backups azure security center patch management Um, the integration is just um amends from that tool. So that's definitely one. I love using and talking about as well Yeah So we did a really good session with jeff woolsey at our hybrid event as well ops 107 Where we talked about hybrid as a management plane He's a big supporter and fan of windows admin center And we talked about some of the benefits that those cloud capabilities can bring to helping you to manage it on prem environments It was a really good session Yeah, because um netpile as well as a massive fan of I think windows admin center from the storage file kind of story as well You can do that migration from your Really old file server to a new server all through windows admin center and some of the cool tech his team is working on as well If I remember yeah, it's kind of it's kind of annoying that it's not quite as in your face when you connect to a server You know, it does take you have to kind of dig in to learn about windows admin center And then go and deploy it to somewhere where you can fire it up But once you have you'll never go back like it's just so epic to have all of those different capabilities in the one place So talking about fabulous tools and products. Do you have a favorite product or azure service or do you love them all sonja? I love all my azure products and services You don't have a favorite child look One of the things I love about this role is I am a kid in a candy shop um I've found myself gravitating to some services more than others And I think some of that is playing off the strengths of our team so we do have people in our team with a focus on Azure stack and iot and you know in azure migrate some of those areas that I let them play with that because this that's their thing But I've I've tended to focus on identity stuff I've certainly been playing with some of the security stuff with security center and azure sentinel I've done a lot with governance with policy and compliance And that kind of bleeds into security with things like the security benchmark so the one of the interesting threads that came through from the hybrid content that Orin and I were recording was just how much of the things we do actually have a security underlying theme so whether it's identity or configuration of you know NSGs for the for the network security that there's a ton of stuff that we do that's all security based even if we don't kind of label ourselves as being Someone who's a dedicated security engineer or in in that sort of security roles There's a ton of stuff that it pros do that security related or we do it for security reasons Yeah, absolutely. Um I think yeah, I I'm going to put my hand up and see I am the azure migrate expert or fanboy or fangirl That is my favorite product in the home Which kind of is a good plug because today I released a new video That I did with the azure migrate product team and we talked about The azure migrate product and some of the new preview features that the team are working on so Definitely look out for that because that was an interesting video and it's full of demo So it's not just us chatting. Um, it's very it's very good. Um, I'm biased though, right? Um, so we're kind of coming up to time. I think it's been awesome talking to you today, Sonia Thank you for staying up late or giving up some of your evening to do this Thank you to everybody that tuned in Please do tell us if you like these kinds of sessions because there is a whole host of us behind the scenes beyond Sonia and I and like we said at the top of the show We cover a whole different time zones because we can usually get a couple of people together to suit different time zones So, um, definitely let us know if you enjoy this session if people want to get a hold of you, Sonia Where's the best place for them to reach out to you on? Look, I'm on twitter almost 24 by 7. Um, you can find me at Sonia cuff Awesome. Um, and I'm on twitter at techie last so thank you everybody for tuning in today and hopefully catch you in another video soon