After a long weekend in green and sunny Ireland here we are again with some hot topics.
The big news is the new gateway SKUs, which is great, but adds a bit of confusion because in, what I consider, an unfortunate sentence the current basic gateways are now targeted to non production environment. This is indeed an ambiguous statement because the basic sku has always been targeted for dev/poc env, while the Standard and HiPerf for production. Anyway it is a clear move to push all the customers to the new, more feature packed and more expensive gateways. The new gateways are a complete code rewrite of the previous ones, apart the new throughput capabilities I find particularly interesting:
- SLA from 99.9% to 99.95% or from a 43′ downtime to 36′ SLA covered maximum downtime. So we can have a 99.95% SLA on all the IaaS infrastructure.
- Support for custom IPsec/IKE policies
- Multiple policy based VPN device connections from a single gateway. Just to name the first device that comes to mind, you can now connect one single gateway to multiple ASA devices.
Ob the down side: there’s no upgrade path and this means possible connectivity disruptions and they’re far more expensive (from 23€/month for a basic gateway, to the 123€/month for the entry level VpnGw1)
Patch management for your VMs is now coming in the Azure portal. This is an OMS powered solution targeted at the single VM, the OMS solution allows you to target your entire environment and grouping clod or on-prem VMs together.
Large disks up to 4 TB are now ready for prime time, almost. We still have to wait for backup and ASR support.
SSE (encryption at rest) get to managed disks or viceversa if you want
Kafka on HDInsight now supports managed disks preview.
Traffic Manager gets fast failover (with tuning thresholds and retries for probes) and tcp probing (vs http only). Details…
Storage encryption with customer provided keys is now in limited preview
In the latest preview build of **SCCM* supports for Azure AD joined device and Azure AD user discovery has been added. SCCM CB 1705-preview
Application Insights client side monitoring can now be enabled from the Azure portal without the need to manually add the jscript to your code
Scheduled runbooks will start to use the latest modules in your automation account, so that when you update a module you don’t have to remove and add back all the schedules for the dependent runbooks. It was due time, there are other ways to force module dependencies in powershell.
Please be warned that licensing for the Log Analytics security solution is changing again:
- For Security & Compliance solutions deployed after June 19, 2017, the daily data limit will not be applied to data collected by these solutions, and you can use these solutions free for the first 60 days.
- If you remove your Security & Compliance solutions before the end of 60-day trial, you will not be charged. However, if you continue using the Security & Compliance solutions after the 60-day trial ends, you will be charged per-node pricing.
- The 60-day trial of the Security & Compliance solutions is available for all workspace pricing tiers.
ASR now supports managed disks with a few caveats:
- For Hyper-V VM’s managed by/not under the management of System Center VMM, set the option to use managed disks only if you intend to migrate your machine to Azure. This is because failback from Azure to on-premises Hyper-V environment is not currently supported for machines with managed disks.
- Data from on-premises VMs replicates to a target storage account in Azure, as is with the experience today. Managed disks are created and attached to your machine only on a failover to Azure.
- Disaster Recovery of Azure IaaS machines with managed disks is not supported currently and will be made available in the future.
Log Analytics Service Map adds computer groups, with this addition you can organize your applications in groups and immediately plot the entire topology
System Center moves to a Current Branch style release model with semi-annual releases. Details…
Microsoft Advanced Threat Analytics 1.7 Management Pack. Version 220.127.116.11
Microsoft System Center Management Pack for DNS 2016 Version 10.0.6.4
System Center Management Pack for Windows Server DNS Version 10.0.6.4
Update on APM fix for agent crashing issue shipped in UR3 (https://blogs.technet.microsoft.com/momteam/2017/06/06/update-on-apm-fix-for-agent-crashing-issue-shipped-in-ur3/)