 Hello, and welcome back to another episode of AZ Update. I'm Anthony Bartolo, joined today by Sonya Cuff. Good morning, Sonya. Hey, Anthony, why else would I be getting all dressed up and makeup on on a Friday night, ready to go out and join you for a live stream for work? Well, it's not to go out because we're all under lockdown. So we thank you for being on the show, being in the future of the show. I know it's Saturday morning for you and it's Friday morning for us, but always awesome for you to be here. So grateful, Pierre and I are so grateful for you to be here with us on the show. What are your thoughts on Microsoft Build? Is the boss listening? No, listen. Look, it very much is pitched as a developer event. A lot of the marketing collateral and the messaging is that this is the conference for developers. However, I remember getting up late to watch the keynote when containers were first announced at Build. And not many IT pros were kind of tuning in to it then, but man, I could start to see the implications of that kind of technology. And we've just seen that grow now in terms of more topics that IT pros are interested in. And it also gives us kind of the inside scoop into where developers are going that we're gonna need to support in terms of infrastructure. Here's the thing. Our fearless leader, Rick Claus, keeps on looking at me and says, you're always on the edge in terms of everything that's going on for IT Pro. You're always on that cusp of IT Pro and developer and a lot of the topics that I cover. Sarah always rolls her eyes when I say IoT, right? Because oh, here we go again, the IoT side. The whole aspect of going to the cloud and being in hybrid and the DevOps movement in terms of practices for sharing of information, sharing of code for deployment and what have you. The lines between developer and IT Pro are boring. And a lot of IT professionals looking at, their place inside of an organization being seen as a cost center, they wanna elevate their status beyond that. And Build is that start of the conversation. And you're right. A lot of the material and the promotion that's shown around Build is developer focus and talking about the new services that are being available, what can be done to create new innovations in terms of development for apps or enablement of an organization. That doesn't mean that IT Pros can't participate or IT Pros can't learn something, right? Like case in point in terms of containers. So, with Build coming up, there's a couple of things in terms of what's happening in our team is actually involved in Build as well. We'll show it later, but Rick is one of the hosts at Build, which is awesome. We have Pierre will be hosting a round table. So producer Pierre will be hosting a round table on hybrid in terms of hybrid implementation, what your considerations should be when deploying in hybrid. We also have Orin, Orin Thomas. He's a big fan of Node.js. He'll be talking about, I'm gonna pay for that one later, I know. He'll be talking about worldwide certification for what a worldwide learning team in terms of its importance and what tools are out there to enable that. It's something where with the lines being learned and the conversation and being an open conversation, multiple people can participate in. It doesn't really matter if you're an IT Pro or a developer. If you're eager to learn and you're eager to participate, you should register and it's free, right? And we'll share the details later on in the show. But I wanted to make sure that we covered that just because a lot of people have been reaching out on Reddit and on Twitter to say, it's cool that Build is coming, but what's in it for me in my IT department? What's in it for me as a system administrator? Definitely, you know, check it out. Thoughts on you? Yeah, and the great part about it now that it's online and it's free is you can skip all the sessions that you're not interested and like you don't have to go to Build wanting to learn how to code or to do software development better. So register, grab the sessions that are interesting to you and I'm gonna influence your IT Pro world or check the recordings if they don't suit you to see them live and just, yeah, dig in there and see what you're interested and without having to commit to a week in a conference center. Right. So shall we continue on with the news because we got a lot of news to cover today. There's a lot of updates this week. So let's start up in your first to go. Yeah, so speaking of crossover between developers, one of the places that gets overlooked a little bit by IT pros in the past has been the Azure Architecture Center. And the Azure Architecture Center has had a lot of architecture around application architecture but we've had some really cool important content updates this week starting with Azure Automation Update Management. So this actually builds out as a reference architecture for hybrid update management solution for managing your updates to your servers whether they're on-prem or they're in Azure both Windows and Linux computers. And it gives you a done Visio file. So you can go and download the architecture that's right there in Visio, play around to suit your particular environment and a lot of considerations in there including how you deploy it with your Azure Automation runbooks and your hybrid runbook workers. So go and check that one out. On the thread of hybrid architectures we've also got manage hybrid Azure workloads using the Windows Admin Center. So this reference architecture gives you a bunch of options whether you are deploying Windows Admin Center into a virtual machine inside Azure or whether you're deploying it to a server either physical or virtual on-prem and it gives you a bunch of considerations there again in terms of your architecture and how you're going to employ it for your different on-prem installation types. Again, some really good guidance here not so much the point click do this, do this but that real big picture of how it all hangs together. The other final one is Azure Automation in a hybrid environment. So this one does put together those Azure Automation runbooks and how they link through to these hybrid runbook workers for either Windows or Linux and whether or not that's in an on-premise solution or even in a different cloud. Don't tell anybody I said that either but it's there in the documentation and the reference architectures. So download the Vizier file, take a look at the architectures. What do you think Anthony? Why is this useful to IT pros to see this kind of documentation? Here's the thing, right? You go out, you do the research you've been asked to add on aspects of technology or services to your infrastructure. If you've been on premises for a long time or you're dabbling into hybrid you're not expected to know everything, right? I see these as opportunities to incorporate blueprints that have already been verified in terms of enablement to give IT professionals a leg up in regards to the addition of services in midst of the infrastructure. Even to the point where, as you mentioned the discussion of connecting other clouds let's be totally honest here, right? Not every organization is gonna put all their eggs in one basket and there's aspects of technology and services that may meet their needs better on other platforms and other cloud offerings, still be it. It's something where having that one pane of glass to control everything even if it's a multiple clouds is a big use to organizations to ensure that they're putting their best foot forward for investment into services and technology. Why require different architectures or different separate architectures? It makes no sense. You wanna have that all incorporated into one network. I think it's a great thing to have these type of tools to give IT pros a leg up to say, okay, so if I need to adopt this here's the best practice but then have the ability to modify as required based on the documentation that's there. I love the fact that, you know we have this blueprint type of process now that's being made available to IT pros so that it quickens the process in terms of adoption and it takes away a lot of the guesswork. Yeah, absolutely. And it really does just strengthen how committed we are to hybrid, all right? It's not just cloud or on-prem. A lot of the times it's both and the more we can simplify the management of that for our customers the better. And that's the thing with the complexity of adding services like cognitive services or data lake or, you know it's becoming a situation where it's not just a straightforward access to data or not access to data, right? We're talking about applications getting their own identity for access to data for secure pathways, segmented networks which yes we were doing on-premises before but now in cloud it's that much trickier and you have these hybrid implementations that wanna take the best practices of both cloud and on-premises in terms of data access or security. You know, these architecturally, this architectural service providing you that leg up and it provides you a quicker understanding of the methodology for implementation so beneficial. So definitely check that out. It's on the ITOPS Talk blog right now for the latest ASID Update blog post and all the links are there. So it's an awesome tool to check out. Shall we continue on? Go for it. All right. So next up, there were a plethora I'm gonna say very slowly because there was a lot of plethora of updates for Azure Security Center. So many so we can't cover them all on the show. I think it was 15 updates both for general availability and for public preview. I'm gonna go through the ones that were for me really impactful and something that you should take in consideration but all 15 are available on ITOPS Talk in the latest blog post. So first off, Microsoft Defender for endpoint integration with Windows Server 2019 and Windows 10 Virtual Desktop. In the time when everybody's working from home this is a big deal. If you have Defender for endpoint integration available with licenses for Windows Server 2019 as soon as you spin up a Windows Server 2019 the Defender implementation automatically kicks in does not require any additional work and automatically produce protects your implementation of Windows Server 2019 on-premises in a virtual machine on-premises or in cloud doesn't matter. This is huge in terms of less steps for IT professionals to set up. You know, it's literally the load it up, spin it up and automatically protect it under Defender which is huge. And then the inclusion for Windows 10 Virtual Desktop a huge tool that's been used with everybody working from home with the requirements of data staying on-premises inside of somebody's organization and having that, you know only the access via cloud for the desktop but none of the data coming back to an individual's home computer. Same consideration, spin up the Virtual Desktop as required as noted in the news. I think it was a couple of weeks back by Sarah and the automatically that implementation is governed and protected by Defender without any interaction from the end user to set up anything or even the IT professional all licensed based to spin up directly to that Virtual Desktop for that immediate protection of that possible attack point. And so again, no guesswork, no additional setup all covered under Defender, which is awesome. Next up, container registry images that have been pulled within the last 30 days will automatically now be scanned at regular intervals without any interaction from IT professionals. This is a big one too, you know the adoption of containers. Isomize is very similar to when we did the whole adoption from bare metal installs to virtual machines and now we're going again into container utilization. If you've pulled an image for a container within the last 30 days, that image will be scanned for vulnerabilities every day set by a schedule that you set for but automatically enabled by the Defender solution. So that again, no guesswork. Hey, this image is being pulled it's being used in such a fashion. Let's make sure that it's on par in terms of security that nobody is tampered with it and automatically provide that scan. With that being said, both those two were in their in general availability right now in public preview, and this is another big one is the ability for direct scanning of Kubernetes implementations or Kubernetes clusters amidst your organization having extension enabled to have that scan directly on that container or that cluster that you've implemented. Again, to ensure, hey, this is secure it's been deployed correctly. I have the full governance over this implementation from a security spec. So there's no attack vector or whatever is trying to be done maliciously is addressed directly in the cluster itself. This one is huge too. Again, automatically set when you've spun up the cluster or you've spun up the instance currently in public preview to play with. So definitely check that out as well. Sonia, that was a mouthful. And like I said, there's another 12 updates that were just announced for Azure Security Center. We can't cover them all on the show. What are your thoughts on everything? Look, I'm a little bit jealous of how automated things are becoming, right? When I used to look after environments we had to do all that stuff manually. Fortunately, it was usually the IT pros that were deploying the things but it's still usually either came down to manual checklists or we built automated scripting to make sure that things got in store like post-deployment, right? Now it's a little bit world-world-west out there. It's usually developers that are pulling container images and spinning up Kubernetes clusters. So it's just really cool to see how much of this stuff in terms of a base level security protection is being automated now, especially now that we're looking at workloads like Windows Virtual Desktop and those container workloads as well. So the environments are getting more complicated but I think the automation and the tooling is certainly catching up and that's what we've seen in those updates. And that's the thing, right? The environments are becoming more complicated. That's the biggest thing to take away. And so to have this automation of security made available for your organization when you're spinning up resources, I come from the days of you have a mobile device and you would load your mobile device management software suite and you're protecting in essence the perimeter. You're not even protecting the data that resides on it. You're only protecting the security of the device itself. And now we're going down into the containers of the instances that are being spun up for specific actions and activities because everything is becoming more complex. And so to take a lot of the guesswork in terms of the security structure that you've put into play to protect your organization, it's huge. And it's awesome to see that come into play. Remember the Kubernetes piece is under public preview. So definitely go in and test it out and provide your feedback. That's huge in terms of how you like it, if it's working for you or what changes need to be made. Sonja, you're up next. Yep, absolutely. So next we've got the general availability of Azure Hybrid Benefit for Linux with reserved instances and virtual machine scale sets. So this is pretty cool because back in November, 2020, we launched Azure Hybrid Benefit functionality for Linux customers, allowing them to bring their on-prem Red Hat to enterprise Linux subscriptions into Azure. But that was only for our pay-as-you-go instances, but now we're allowing support of that licensing into Azure reserved instances and virtual machine scale sets. So two of our other ways that you can save money with your virtual machines now support bringing that hybrid benefit from the licensing that you've already been paying for your Linux servers as well. It's an interesting one to me. Do you see much use of Linux? It seems to be pockets that there are people very passionate about Linux, aren't they Anthony? So I've seen a tremendous amount of implementation of Linux VMs. Everything from, the latest thing that I've been seeing right now is edge devices that are running the VM on the device itself in Linux. So capturing information out in the field IoT and the ability to push out that virtual machine to the device. So now we're looking at virtual machines running on an IoT device as opposed to just running on machinery or inside of the cloud. And that ability to spin up that VM is required. You have this whole technology now with digital twin. So I have the VM running on premises on an IoT device out in the field capturing information. But I also have that VM running in the cloud replicating the information that's coming from the on premises IoT device for that understanding of how the environment is capturing the information and what that means for future proofing of scenarios like traffic or weather patterns or anything, in essence, anything. So that availability of VMs in the cloud and having that as a purposeful instance that I can manage that, that's huge. That's something where we're seeing a lot more and more growth on the Linux side. It's already huge. It's already a big implementation. I know financial healthcare really takes advantage of it. But this now, having that reserved instance, it secures your investment, it secures your resources to ensure that what's being offered as your SLA to your customers in terms of information is always going to be there. You're never going to have any degradation of service. And it's something where it's peace of mind for the organizations that implement, which is really cool. Yeah, that's right. I mean, reserved instances give our customers a significant savings when they're committing to having a workload there for a one to three year period. And the cost savings are even better with being able to bring those hyper-benefits. We've modeled it time and time again and talked about how that works for Windows when you're bringing over a license that is under software assurance from on-prem to be able to offer it for Linux licensing under these enterprise agreements is also really great. Let's continue on with the news. This one was a big one this hit earlier on in the week. It's the OneDrive sync admin reports now in public preview. If you have an organization as deployed in M365 and you're using OneDrive as your cloud backup solution for individuals at your organization, you know as an IT professional, the biggest challenge that you have is understanding the sync of what's being synced to their repositories. Yes, all deployed by the organization that you work for all under your M365 license, but you have that situation where you have to go one by one to understand how the sync is going, what's being synced, what is the intervals of sync that's occurring. Now, Microsoft is offering OneDrive sync admin reports to have that availability to understand what's being synced, the success of the sync, the intervals of the sync, all the functionality from a centralized location, this is huge for the availability to understand what are the patterns of what's being stored up in the cloud into OneDrive, full view for IT professionals to have an understanding hey, this is what's going on, this is where the problems arise, why is this file being synced so frequently? It's something where IT professionals have been asking for this for a long time, it makes sense, it's currently in public preview and you do require an M365 license to have this test happen, but do check this out, this is something like I said, it sprung up on us on Tuesday, it was launched out in Tuesday on public preview and just a ton of people immediately jumped on and this is awesome, why wasn't this available at the start? I get it, right? It's not an easy thing to add these services on to make it friendly for everybody and that's why public preview is so important and for the availability to say, hey, test this out, provide your feedback before it goes generally available and to test out its functionality, it's so awesome that it's here, a lot of people are excited, a lot of people are testing on it right now. Simon, what do you think? It's been a long time coming when I remember deploying OneDrive in the early days, the sync itself fortunately has come a long way, we had more issues in the early days than now, but literally it was every single PC that you had to have some third party monitoring solution or wait for the end user to call you to say that there was an error accessing their files and people didn't appreciate that if they were gonna do a massive reorganization of things, what that would sort of mean in terms of traffic and sync issues, so it blows my mind, this is epic, we've needed it, it's here, I'm so happy, this is gonna make life so much easier for AIMS 365 Avons. So let's continue on, I wanna say a quick hello to those in the chat room today, Paul Jensen was first in the chat room today, although producer Pierre says that he was first on the chat room, they've been battling about that, hello to Andrew McCollum, great to see you again, and audio guy Steve, Jared Shockley is on the show today, he's over on the chat room, do join us in the chat room, it's awesome, they're currently talking about conference bacon, which is, they're having their own side conversation today. They're having their own bacon now. Well, for you, it's, what is Saturday morning for you? So you could technically have bacon, you can't have bacon any time you want, I just, anybody should be able to have bacon any time they want, I agree. You know, secretly I would go buy the lunch area, and when they had bacon in the morning, I would wrap some in the paper towel and walk along the hallway and have that as a snack. That was a great treat to have producer Pierre is laughing in the background right now, it's shaking his head, speaking of conferences as mentioned in two weeks time, Microsoft build is gonna be made available. This is the largest developer conference of Microsoft offers, but it is not restricted to just developers. If you're an IT professional, there's a great amount of information that'll be available, not just IT program related, but there is actually a lot of IT program related stuff, but there is availability for other conversations who occur as well, producer Pierre flashing on the screen, the Discord server, which will be online, it's always online, it's always available for conversations and it's monitored by producer Pierre. If you want to set up any watch parties, we can help you out with that on the Discord server for that availability for build. It is completely free. As you can see that Rick Claus is one of the hosts that will be on there at the show. Also friends Donna Sackar, we have Christina Warren that's gonna be out there. It's gonna be an amazing show to come and check out. So do register, do come in and participate. Also this week, not Patch and Switch, we actually have, there it is, testing and production. So producer Pierre and audio guy Steve, I keep on saying producer Steve, but audio guy Steve will be on a great, I love the show because it's just, they're both geeking out about the services that they're implementing for the streaming of the show and for Patch and Switch and they get to share it with everybody. They are looking to talk a little bit more about services and tech. So do join in on the conversation with them as well as they explore not only how they're doing the implementation of their live streams, but what their interests are in terms of technology from on-premises implementations to cloud to hybrid and everything in between. Hello World, as you know is another great show that happens on a daily basis. It comes up at 1.30 Eastern time here in North America. And then in, I believe in Australia, there's a second repeat offering that's available as well. So do check out that show too. And the one I wanted you to chat about was the security sales bootcamp, which is happening, I believe in two weeks time. Yeah, so the 17th to the 21st of May, Microsoft Australia is running a free online event with multiple different little sessions that you can catch. Some of them may be in your time zone if you catch the Australian morning, the North American late afternoon, but great security, mitre attacks, information risk, zero trust, white boarding, ask the experts, all free, all security, all week, go register. And that's the one big benefit of everything that's going on. With all of us working from home, we have the ability to join sessions like this. And I love attending these because you're getting real world experience and real world sharing of information from other parts of the globe in terms of the way that technology is being implemented. It's such an eye-opener just to hear from other countries what they're doing with the technology. So if you have the opportunity, it's within your time zone availabilities or you may wanna stay up late like Sony is doing here. If it's of interest to you, definitely go and check that out. Last but not least, the Microsoft learn module of the week, this week the selection was another learning path, Linux on Azure. We talked a little bit about this earlier on in the show. There is a big implementation of Linux on Azure. And if you're looking to get into this, this is a great start in regards to everything that's available for Linux on Azure. It's continuously updated. Actually, we were talking about this yesterday when we're preparing for the show. I think you and I both have completed 90% of this learning path, but we haven't completed 100%. We originally had completed 100%. But now they've added more and that's the big benefit with Microsoft learn is that it doesn't stop. It doesn't stop growing and evolving in terms of its offering. So now the 100% has been reduced to 90% because there's new resources being available on the learning path itself that you can actually go and check out. So Sony, are you gonna go finish this learning path then? Yeah, absolutely. And it's also great for Linux administrators who aren't familiar with Azure because it does cover the fundamental Azure concepts and introduction to Azure virtual machines as well. So it's not just the people new to Linux, it's for Linux admins new to Azure as well. It will set them on the right path. And actually the link is also provided in terms of the Azure fundamentals for part one, describe core concepts. It is not a prerequisite, but it is a recommendation to have that completed prior to taking on the Linux on Azure learning path. So definitely go and check that out. Wow, Sonya, there was a lot on the show today, a lot of updates in terms of architecture and Azure security center and what have you. If people wanna get a hold of you, Sonya, what's the best way to do so? Look, I'm on Twitter almost 24 seven. You can find me at Sonya Calfe. Hopefully not after the show though, cause you gotta go to bed, it's very late for you. I will go get some sleep. Sorry? Said I will go get some sleep, I promise. Yes. If you wanna get a hold of producer Pierre, you can do so on Twitter as well, you can find him at WiredConnect. And you can also catch him on Discord, he's on there very frequently in our IT ops, talk Discord implementation. If you wanna get a hold of me for some reason, you can also get a hold of me on Twitter at WiredListife. I do visit the Discord server time and again. And I'll see the whole team on itopstalk.com with all the greatest blog posts. And if there's any content you want us to create, it's not currently available, let us know, send us a comment and we'll be happy to write that up for you. Sonya, thank you again for being on the show and everybody have a great weekend and we'll see you all next week. Bye everyone.