 Welcome back to another episode of AZ Update. I'm your host, Anthony Bartolo. Join today by Sonya Cuff. Sonya, how's it going? Greetings from Down Under. It is 1 a.m., so don't ask me how the day is going, because we've only just started it. Pierre and I so appreciate you joining us in co-hosting today. Sarah is actually on a special assignment, and she'll be talking about that next week. So awesome to have you on the show. I know it's very tough for you to do so at 1 a.m. So it is first thing in the morning for you on Saturday. How does the future look right now? So far, so good. Saturday's looking still pretty dark out there, but I'm sure it's going to be a great day. So we had a very busy week this week, and it was a lot of late hours. That's why even more so, I appreciate the fact that you're coming on so late. IT ops talks, all things hybrid. Man, I just, it was so exciting. Everything happened so quickly. The amount of conversations that happened online, the excitement that happened online, the keynote with Mark Rosinovich, the funny behind-the-scenes stuff that occurred. Sonya, what was your take? I really appreciated the chance to sit down with some of our speakers and have some deep technical discussions about how things work behind the scenes. We don't see that sort of depth of technical content much these days. It's also hard to manage that juggle with an online format, and that's why we pre-recorded this stuff and released it all in one go, so that people could literally choose their own agenda, watch what they're interested in, when it suits them, and amongst everything else that goes on with IT Pro Life. And I think one of my favorite sessions was on virtualized and hybrid backup, so deep dive session that we did with Ben Armstrong, just taking me back to the days of volume shadow copy and how backup works under the hood and how that's changed and evolved with virtualization and with cloud. Yeah, that was an awesome one. The PowerShell one for your hybrid cloud was another great one that took you through steps in regards to, here's the tips and tricks to do automation. I know PowerShell is scary. The GUI is a lot easier to go through, but you could save so much time using PowerShell and having that as an automation tool. The sessions were phenomenal. They were based on what questions were coming from you, our audience, and they're all available to watch. If you go to aka.ms4 slash ITOps talks with an S at the end, you'll see the full gamut of all 19 episodes. I believe the keynote, it's up there as well, so it's probably 20 episodes up there right now that you can go through the sessions. To further that, the Discord server that was spun up, it was actually initiated before the event actually occurred. The amount of conversations that have been happening in the Discord server, not only from a perspective of questions, it's been a sharing of ideas, sharing of strategies as well, which has been awesome, and the PMs that presented on the sessions are visiting the Discord server rooms. So if you're in one of the rooms of one of the sessions and you're asking a question or you're sharing an idea, they're actually listening and providing their feedback to your idea or answering your questions, which was also awesome. Yeah, absolutely, come and join us on that Discord server. One of the ways we were trying to compliment that engagement that you really miss being able to sit next to somebody at a table over lunch at a conference or bump into them in the hallway or turn to the person next to you in a session to ask them a question or what they think. And so that Discord server with those channels was our way of being able to bring people together and dedicated channels per session so that you can find out what other people are saying and you can talk about that session. So if you want to join us on the Discord, it's aka.ms4 slash itopstalk-discord and you can join in the conversations. The Discord server will not disappear after the event is done. It'll continue to live on. It's something where we have other rooms that are in there besides the itopstalks event rooms that you can actually go in and join in the conversation. And the conversation has been awesome and it allows us to see what's troubling you in terms of service adoption, what challenges are you running into and it allows us to then provide you that information or create it if it's not available. The other thing that happened which was interesting this week was the Scott Hanselman has actually joined TikTok and that was interesting because we've been dabbling with this for a long time. There's been the dare, as I can say it, to Rick Claus and Joey Snow from Patch and Switch to be on TikTok. And they're like, oh no, there's no place for us there. Scott Hanselman has been on it for two weeks and what really caught attention was the recent demonstration that he had about his Switch implementation at his home. This very nice-looking Switch closet, networking closet. I think it's in his garage because he's wearing a jacket when he's showing it off. But what really caught everybody's attention was the augmented reality capability of his switches which are biubiquity. It's the UNIFI app that's available on iOS that allows you to see the switches from your phone in augmented reality. Pierre, I don't know if producer Pierre is gonna show us the video really quick. I'm in my closet. This is my home network. So there's the home Switch. This one's ubiquity. It has two gigabit switches, both zipli fiber and Comcast. 28 terabytes of storage on the Xenology and punchdown cables so I can find everything. I can even use augmented reality to find my devices. This is super cool. I can use augmented reality to point my camera at the switches and I can see exactly what ports go to what, what cables have which devices attached to them. It makes it really easy to debug my network because so many things are wired. So a lot of people have been talking about this, right? So this is not new. This has been out for a while. But there's a lot of questions in regards to, okay, so you're incorporating augmented reality. And I've seen the conversations that have been happening on Twitter and on Reddit in regards to, I think you just put a piece of tape and you'll know what's connected where. This is dynamic. This is a, you know, if you switch out an access point for a NAS as an example, it'll know and it'll show you that you now have a NAS in the augmented reality piece, right? As opposed to you ripping off that tape and putting on the new tape. It tells you the IP address and what have you. It's a great dashboard to understand what your switches are doing from this. And I would love to see this advance to something further. Everybody's intrigued and interested by it because it's a real world utilization of augmented reality from a perspective of a dashboard or a view perspective. I would love to see it to go further and be an actual interact perspective and that you can go in and, hey, I wanna limit the bandwidth to this device specifically because I know it's an access point and I don't wanna have full bandwidth because it'll eat up the rest of the house and doing that kind of stuff through augmented reality. So you don't have to go to a terminal. It's really cool. It's a really cool idea. What do you think, Samia? Look, absolutely. And all I can think of is back to my enterprise scenarios where you go into the switch that's sitting on one of the floors and you'd be trying to figure out which of the devices on the network was being noisy or causing the network problems. You'd remember that maybe those ports for the data ports and that had workstation 204 and then you'd go out on the floor and find that someone's moved a couple of computers around which is always helpful when you're an enterprise admin but absolutely to be able to maybe light up which of the devices are being really noisy on the network. Obviously that's a really good way of also having to find computers that maybe struggling with a Windows update or maybe infected with some malware and they're doing a lot of broadcasting on the networks to be able to see that and they will be a really good improvement too. What's really great about this is seeing solutions like this come into mainstream means that solutions like augmented reality will become norm slowly and there's no limitations by hardware. Previous to you, you'd have to have a special headset or purchase a HoloLens or what have you. This is being done from an iOS device, not available on Android yet. I know that there's been a lot of requests into ubiquity to have this being available for Android as well. So we'll see how that goes. But any smartphone or any tablet that's running iOS right now can actually do this type of functionality which is really cool. And I can't wait to see how this evolves in future. Andrew McCollum on the chat room actually says that he's sent out a message to Scott to say, hey, you need to incorporate HoloLens. It's not available on HoloLens right now. So it would be cool to see if there's that capability to extend that functionality for HoloLens on the switches itself. Yeah, absolutely. And a lot of the examples that we've seen in that space today have been things like manufacturing or training. The machinery's got a problem or how do I do this process from a training perspective? So I think this is one of the very first examples that I've actually seen in the IT Pro space. I always picture something like a minority report where I can see my network map and reconfigure my things. But this is kind of the first creep of AR that I've seen into our space was something that's actually useful for things that we'd manage on a daily basis. So many in Twitch has actually commented, can I get that built into a contact lens? If you can, that'd be awesome to check that out. I don't know if I would want sensors that close to my eye, but it's actually a cool idea. It's a possibility in future, right? It's who knows where augmented reality is gonna go. So Simon, should we get started with the news? Absolutely, let's go. Okay, so starting out this week, I've got a couple of updates to Azure Backup Center and Azure Backup Center has announced a couple of new things in public preview. To start with, it now has support for a couple of extra workloads. So SQL and Azure VM and SAP HANA and Azure VMs are now supported as workloads in public preview in Azure Backup. But the one that really caught my eye was Azure Files. So now Azure Files is a supported workload in the Azure Backup Center as a public preview feature. It gives me all of the friendly things I'm used to managing backups like being able to customize the backup retention and getting alerts and reports about my backup and my restore failures. But now it gives us instant restore of those files on those Azure file shares. And we can also enable the soft delete feature to give us that 14-day soft delete at a storage account level for restoring those accidentally deleted files. So that's a really exciting one to test in public preview before that becomes generally available. Also with the Azure Backup Center, there have been some extra policies that have been released. These ones caught my eye as well about being able to configure backups on virtual machines with or without tags to make sure that they are backing up to recovery services volts in the same locations. So this is about making sure that when we set up our environments, we're getting consistency. We're keeping our data constrained to the same geographic locations that we need it to be for our policy and compliance reasons. And of course, because we can get reporting on this on an ongoing basis, whether our resources are in or out of compliance, if this changes, if someone goes and messes with our configuration, we can get alerted that these things are now not compliant with these policies as well. So again, a couple of extra public preview features there. That's a backup center public preview and the couple of updates. What have you got for us, Anthony? Well, actually, I wanted to comment really quickly on this. The file share one is a huge one. The fact that everybody's accessing applications and documents on any device, especially the fact that we're all working from home and on tablets and on phones. And I have big fingers and sometimes I hit the button wrong and I'll delete a file. The soft delete in your laughing because it's happened to me before and you freak out and it's like, oh my God, what am I gonna do? And you're doing it on a device that's a non-traditional device that you shouldn't be doing it on. But you get a notification, you got to review a file really quickly and you do so on your device. You make a mistake and you delete it. The soft delete functionality, well, the whole aspect of the backup for file share, that's huge, first of all, right? But now even the enablement of the soft delete feature for those that are on smart devices and they're accessing the documents that way, it's a great save. I accidentally delete the file and I've done it before and now you can actually call and get that retrieved back via the soft delete so it's not actually gone, which is cool. Yeah, and I think it also speaks volumes about our hybrid strategy. We've just had our hybrid event and we're really bringing these different components together. So if you have a look at the traditional problems that an IT pro needs to solve on a day-by-day basis, backups are like one of those key things that we need to have in place and to have this now available for Azure files and also to have it in the Azure backup center itself brings in all of these different components of the things we're managing. So if we're already using Azure backup to back up our VMs in Azure, we may be using it to back up some of our on-prem infrastructure as well with our Azure Arc agents. We're tying everything together again so that no matter where those files live, if they're in an Azure VM, if they're on-prem or if they're in Azure file share, we have this one central place to help manage the backup and the restore of those files. So it's great to see all of these different components coming together in this hybrid strategy to make the management of them a lot easier for us IT pros. Let's continue on with the news. So next up, there is a new Azure Monitor agent overview made available for preview. Those are you're not aware. The whole aspect of Azure Monitor is the ability to see your health of your infrastructure, your hybrid infrastructure, your cloud infrastructure from a perspective of what's running well, what's taking up a lot of your bandwidth, where are the bottlenecks lying in terms of your data being sent across. The preview here has a new Log Analytics agent that allows for Log Analytics workspace to collect data from multiple sources within your infrastructure. The big piece here is the one that producer Pierre is most excited about is the Linux multi-homing capability. So the ability to send data from a Linux VMs to multiple workspaces. This is huge because the more that we can get information out of our Linux VMs in terms of our day-to-day activities and understanding what's actually happening inside those virtual machines themselves in a centralized plane and that's the whole Azure Monitoring piece. It allows us to be more responsive in terms of bottlenecks or slowdowns or any of that ability. There's also new functionality made available for Windows VMs as well. The big thing here is in terms of Azure Monitor to have that single pane glass to understand what your infrastructure is doing and actually how your data is being passed along. So all of the information here is made available here. It's all currently in preview. So do make sure you go out and test it and provide your feedback in regards to what needs to be changed or what needs to be made better or if it's working for you and it works really well, provide that feedback as well because Microsoft would love to hear from you how we can better the solution if it needs to be bettered. Sonya, thoughts? Look, I'm a Windows girl through and through. I've been doing Windows Server admin since Windows Server was a thing and so Linux things are little magic black boxes to me. The more that I can bring random things like that getting a growing acceptance in our environment and especially with our developers into something like Azure Monitor that I can understand and I can analyze that I can make sure that all of those things are working the same way that I expect my Windows systems to be working all for that, again, that centralized pane. We actually had a really good session in our ITOps talk, all things hybrid session about log analytics and how you design where those work spaces should sit. So that's when they go and check out as well. And this will coincide in the fact that you have the ability to now send out data to multiple work spaces for analytics, which is awesome. So definitely check out the ITOps talk session and check this out too and provide your feedback. Sonya, you're up next. Excellent, okay. Let's talk about Azure Security Center. So Azure Security Center had a couple of updates as well, again, in public preview. And I'm a big fan of letting you know when this public preview stuff comes out with it not being generally available yet, that does mean that there may be some changes in the service, but the best way for us to get these services improved and solidified is by letting you test them in your test environments. And so one easy way to do that is by looking at secure score because for management groups, it's now available in preview. And previously you used to be able to get a rolled up secure score for your overall security posture for a subscription. But if you're a very large environment and you've got multiple subscriptions that you're rolling into one management group so that you can manage and monitor and maintain those subscriptions because they're all similar. For example, they might be subscriptions that all have test workloads in them or they might all have production workloads in them and you want to manage them the same, then now secure score can group by management group. So you can actually have a look at your overall security posture at a management group level for all of the subscriptions that are under that level. It's a great little sort of tiered hierarchy that helps you manage your environments that scale better and improve that security posture. Another update that we had for security center is another 35 recommendations added in public preview to increase the coverage of the Azure Security Benchmark. Now the Azure Security Benchmark is the default policy initiative that the Azure Security Center uses. And what it does is it takes the best things from like the CIS and NIST in all of those kind of security center controls in terms of what they recommend you should have implemented for your environment. And then we map those to the different capabilities. So for example, if the security control is making sure that you are enabling encryption at rest that maps into making sure that encryption at rest is enabled across a bunch of different Azure services. We have things like here like making sure that subscriptions have contact email addresses for security and we have email notifications for high severity alerts. And the interesting thing is when you have a look at these policies they just look like common sense. But the granular level because policy is this thing where you can control individual policies at such a tiny little level. Sometimes we just need that overall guidance and the Azure Security Benchmark does that. It says look out of everything that you could turn on this is really the stuff that we think you do need to have be mindful of and be managing and controlling to keep your environment secure and to keep it in line with what these authorities are recommending as the best security practices. That's huge. Yeah, what do you think Anthony? It's the whole aspect of making easier for system administrators to manage multiple subscriptions. That for me immediately rang bells in my head in regards to that's a big one. I've heard it numerous times from administrators the challenges of managing multiple subscriptions. Organizations are building applications within multiple subscriptions now. And so that complexity, it's kind of addressed with governance in terms of the templating capability and then you can have that same security posture put across all subscriptions itself but what happens when there's that change required and an application requires a specific service or instance that was outside of the norm. How do you manage that across your multiple subscriptions? That for me was something that was big in terms of the notification that, hey, you're outside of the parameters that we've agreed upon for security posture. The fact that you have it in one place is a big deal. Yeah, and if you have a look at something like, policies are very much like monitoring alerts, right? There is this whole list of things that you could turn on or off and you start to get a little bit of fatigue in terms of making the decisions about what things you should be monitoring, including from a security perspective and what things you shouldn't. And then to not only keep on top of that but to make sure that you're not getting too much noise because then you start to ignore the alerts anyway. And then what happens when things change? And that's why something like the Azure Security Benchmark is so great because this policy initiative is managed by Microsoft in terms of what individual policies it contains and that's updated with the latest guidance that we get from the best in the business from a security perspective. So it really is about using the power of Microsoft's security teams and the organizational contacts, the threat analytics, all of the security work that we do behind the scenes that our customers are getting just by implementing this policy and then seeing how it applies to their resources. Actually, Sarah Young does a phenomenal job of covering that in ops 101 that was on the IT ops talks, all things hybrid event. So she actually goes through the demo of setting up the policy that would be reflected across multiple subscriptions. So do check that out aka.ms4 slash IT ops talks. It's ops 101 for that session. She does a Sentinel session as well, which is really good. In both sessions, she has a full on live demo that's being shared across multiple subscriptions. So if you do get a second, do check that out. Next up in the news, there has been updates for Windows, sorry for Microsoft Intune in regards to notification for email compliance. So in scenarios where if you have a device that is not compliant with the organization that it's connecting to, prior to there was a lot of manual requirements for sending of notifications outside of the English language. Also, there was manual setup for notifications to devices that weren't traditional Windows devices. So if you needed to format it for a specific way for a specific Android device or a specific iOS device, you had to create separate emails. You had to create a separate functionality. That's now being addressed and is now a automation template in the fact that it'll actually detect what device is actually sending the messages to. You can actually have specific emails formatted for specific devices. We talk about iOS and Android, but there were a plethora of devices that are out there that are managed by Intune. Everybody's laughing in the background as I said, plethora. I know it's a little inside joke. The whole aspect of machinery now, having these templates or having these devices that they're connected to, IoT devices, sometimes the screen can't show the format properly of notification of compliance. And those devices also have to be taken into consideration of compliance as well. This Intune functionality now addresses the ability to say, hey, now this device too can receive custom notification of its ability to be compliant or not. And so now we can make notification to that individual that's running this device for a specific task. It's a really cool solution that's now automated and it takes off a lot of pressures from IT professionals that no longer have to create manual notification. This also comes into consideration for languages. So traditionally it's English language for the notification. If you're doing in Spanish, French, Maltese, whatever that may be, you can now have that customization and have that tied into the individual's profile in Azure Active Directory in terms of language of choice. And so when the notification comes out that the device is not compliant, it actually comes into their native language so they get notification in their native language that they would immediately reply to you or enact on to make your device compliant. Whereas before the notification that would be automated would be English and it would have to be a custom notification in their language of choice. So it's a much better experience now for end users in terms of notification itself. Sanya, your thoughts? Yeah, absolutely. And you used to be able to get around it a little bit by setting up multiple different policies but because a policy could only have one notification, it had to be in only one language. So you'd have to duplicate the policies for every other language that you wanted to present. I think this really simplifies it for IT Pros. It's reflective of our global nature of devices we're managing and it's really interesting. You were talking about the different formats. We've come a long way from, I'm gonna age myself here. And when I started back in the day, we were managing Windows PCs, servers and like dot matrix and then laser printers. That was it. Like there were no other kinds of devices on our corporate network. So it's certainly a brave new world and it has been for some time but we've seen that exponentially now that we've got people working remotely and working remotely for a significant amount of time on who knows what device that needs to be able to safely and securely access our corporate networks. Let's jump into events. So we have one event to report on right now, the upcoming Microsoft Ignite registration is open. So if you're interested into registering, you're going to myignite.microsoft.com. The event is taking place shortly. It's the first week of March and it's going from March 2nd to March 4th. Should be exciting time as it always is. It's interesting because usually Ignite happens in the fall and so having an Ignite in spring or technically still winter for North America. It'll be summer for yourself in Australia. It's interesting that we have the second offering of Ignite but registration is now open. I really wanted to quickly because we have four minutes left. I wanted to jump into our Microsoft learn module of the week and this is a big one because this coincides with actually IT ops talks, all things hybrid. It's the all things hybrid cloud skills challenge. Sonia, can you talk a little bit about this? And so the cloud skills challenge is a collection of Microsoft learn modules that we've put together for you to go into with a little bit of a twist. So if you get them down and tweets at our IT ops talk Twitter account with the hashtag AZ ops, you can go in the draw to win someone on one time with one of your favorite people at Microsoft. Now the list of people on that list is very limited so they have to be either someone in our team and we do have a prize for some time with Jeff Woolsey but it's a great way to learn about hybrid topics. So there's things in there about Windows Server, Active Directory, DNS and networking, Hybrid, Azure Arc like you name it, we've put together an amazing collection of topics about Windows Server and Azure Hybrid networks for you to go and learn at your own pace and yeah, give us your feedback. I think it's a really great challenge to find that kind of technical training content. Our boss is in the chat room and he's a little bit upset that we didn't include him as a prize, but we thought Jeff Woolsey, a lot more people would pick Jeff over Rick but I digress. So it's an awesome challenge. What I love about it too is we have Windows Server learn modules. This is big. We talked a little bit about this last week during last week's show. These were created in conjunction with Oren Thomas and the team put forth the initiative to get this done based on the feedback that this didn't exist before. So to have these available now, it's a big deal. It's something where everybody's been asking for it. It's taking a little bit of time but they're finally up there and to kick them off, to have them as part of the learn challenge take advantage of that. And then if you're able to complete it in time have the opportunity to sit down with Jeff Woolsey. And if you want to sit with Rick Claus we're not going to hold that against you either but it's okay. I'm going to get a call after the show. I know it's going to happen. It's an awesome challenge. Take advantage of it. The learn modules will not disappear after the challenge is done but why not take the opportunity to sit down with Jeff Woolsey and pick his brain in terms of your need for a hybrid implementation down the road. Sonya is so awesome to have you on the show. If people want to get a hold of you what's the best way to get a hold of you? Absolutely. You can find me on Twitter, almost 24 by seven. You'll find me at Sonya Kalf on Twitter. If you want to get a hold of producer Pierre you can find him on Twitter at WiredConnect. And if you want to get a hold of me for some reason you can get me also on Twitter at Wireless Life. Sonya thank you very much for being on the show once again and everybody have a great weekend and we'll see you next Friday. Bye.