16. You need all three
High availability
When your applications
have a catastrophic failure,
run a second instance
Disaster recovery
When your applications have a
catastrophic failure, run them in
Azure or a secondary datacenter
Backup
When your data is corrupted,
deleted or lost you can restore it
21. Desired State Configuration (DSC)
- Proactively respond to configuration
drift by defining a baseline for your
environment
- Deliver Infrastructure as code
- Flexible Delivery
• Apply and monitor
• Apply and autocorrect
- Detailed reporting and diagnostics at a
per resource level
- Available for both Windows & Linux
Change Tracking & Inventory
- Track changes made to your system
- Valuable for root-cause analysis
- Collect & search inventory and history
- Available for both Windows & Linux
- Windows
• Software
• Services
• Files
• Registry
- Linux
• Software (Packages)
• Daemons
• Files
Key Features
Configure any cloud or on
premise machine
Windows & Linux
Desired State Configuration
Change Tracking
Inventory
On-
Premises
Datacenter
Azure
AWS &
Service
Providers
22. View snapshots for:
• Software
• Files
• Daemons/services
• Registry values
Key Features:
• Spans across Windows & Linux
• Use data to create computer
groups
• Browse historical data
23.
24. View changes for:
• Software
• Files
• daemons/services
• registry values
• Azure activity log (New*)
Scenarios:
• Identify unauthorized changes
• Correlate configuration changes with
monitoring events
• Create an alert & remediate on change
• Reporting for package/software updates
• Browse historical changes for diagnosis and
forensics
25.
26. Automated configuration management from the cloud
• Manage physical hosts and VMs in any cloud or on-premises
• Windows or Linux
• Configuration setting and reporting
• Easily attach Azure VMs from portal, ARM Template, or extension
Powered by PowerShell DSC
PowerShell (PS) DSC configuration, node configuration (MOF), node, and
resource management
• Import configurations & modules (from PS Gallery or custom)
• Author
• Compile
• Distribute to nodes
• View granular and high-level configuration compliance reports
• Easy node onboarding
Deploy, enforce, and monitor configuration compliance
38. Monitoring and Logging
AZURE:
• Performs monitoring & alerting of security
events for the platform
• Enables security data collection via
Monitoring Agent or Windows Event
Forwarding
CUSTOMER:
• Configures monitoring
• Exports events to SQL Database,
HDInsight or a SIEM for analysis
• Monitors alerts & reports
• Responds to incidents
Azure
Storage
Customer
Admin
Guest VM Cloud Services
Customer VMs
Portal
Smart API
Guest VM
Enable Monitoring Agent
Events
Extract event information to SIEM or
other Reporting System
Event ID Computer Event Description Severity DateTime
1150 Machine1 Example security event
4 04/29/2014
2002 Machine2 Signature Updated Successfully
4 04/29/2014
5007 Machine3 Configuration Applied
4 04/29/2014
1116 Machine2 Example security event
1 04/29/2014
1117 Machine2 Access attempted
1 04/29/2014
SIEM Admin View
Alerting & reporting
HDInsight
Microsoft Azure
https://www.microsoft.com/en-us/trustcenter/security/auditingandlogging
39. Full Stack Monitoring & Analytics across Apps and Infra
Application Insights
Scenario Specific Monitoring – Customized Data Ingestion & Diagnostics
Log Analytics
Service Map Container Health
…Network Performance Monitor
Monitoring Fundamentals – Available out of the box with Azure Platform
Activity LogsDiagnostic Logs Service HealthMetrics
Dashboards Alerts Action Groups Autoscale
Unified pricing model
Only pay what you use
Data ingestion per GB
41. • Diagnosing across app stack is
hard unless various
perspectives connected
• New and powerful big data
query engine for all your app
telemetry and root-cause
analysis
• Ad-hoc queries and full-text
search helps answer tough
questions instantly
42. • Simple, powerful SQL like language
much easier for complex queries
• Filter, join and correlate data to gain
performance & usage insights
• Extract and extend your data to
create new calculated data fields
• Generate statistical aggregations
and powerful visualizations instantly
44. • Open Source SDKs to power
insights for any web app
• Continuously export data to
Azure Blob Storage or SQL
• Visualize data with Power BI
Content Pack
• Data access via REST APIs*
Notes de l'éditeur
25% of VMs on Azure are already using Azure Backup.
Only 10% are secure!
Only 10% are monitored
Azure can help by reducing the challenges of cost and complexity, while helping add coverage and compliance. Let’s drill into more details.
Microsoft Azure provides customers peace of mind knowing their workloads are protected from any disaster without having to build and maintain a secondary datacenter or relying on backup. Azure delivers cloud services that extend to your datacenter to protect your infrastructure, transforming your business with a true hybrid solution.
Reducing costs
Customers do not have to pay for infrastructure, the power to run and cool machines, or IT personnel to manage machines, saving customers from paying to maintain a secondary data center
Managing complexity
Customers can leverage automation to enable the true power of recovery plans and allow you to failover your workloads with a click of a button, removing the guest work and stress involved in a disaster
Ensuring compliance
Disaster recovery is no longer constrained by geographical barriers. The disaster recovery site can be from any one of our Azure regions around the world. (Or asking for something like the quick restoration of workloads allows customers to gather necessary information to meet compliance deadlines)
Scaling protection
ASR provides rich capabilities to quickly replicate virtual and physical machines a customer’s own secondary on-premises site or Azure
Azure can help by reducing the challenges of cost and complexity, while helping add coverage and compliance. Let’s drill into more details.
Microsoft Azure provides customers peace of mind knowing their workloads are protected from any disaster without having to build and maintain a secondary datacenter or relying on backup. Azure delivers cloud services that extend to your datacenter to protect your infrastructure, transforming your business with a true hybrid solution.
Reducing costs
Customers do not have to pay for infrastructure, the power to run and cool machines, or IT personnel to manage machines, saving customers from paying to maintain a secondary data center
Managing complexity
Customers can leverage automation to enable the true power of recovery plans and allow you to failover your workloads with a click of a button, removing the guest work and stress involved in a disaster
Ensuring compliance
Disaster recovery is no longer constrained by geographical barriers. The disaster recovery site can be from any one of our Azure regions around the world. (Or asking for something like the quick restoration of workloads allows customers to gather necessary information to meet compliance deadlines)
Scaling protection
ASR provides rich capabilities to quickly replicate virtual and physical machines a customer’s own secondary on-premises site or Azure
Gain visibility into health, performance and utilization of your platform, apps, and workloads, no matter where they reside and get time back to focus on the initiatives that matter the most to you and your organization.
Azure provides monitoring and analytics as a SaaS offering, so you can get started quickly without any infrastructure overhead. It is designed to manage your development and IT operations workflows through a unified experience. It can connect to any data source and leverage your existing management tools, both on-premises and in the cloud. You will bridge the gap between app and infrastructure with the automated discovery and mapping of the dependencies across servers, processes, and 3rd party services. You can query at cloud scale and gain immediate insight by correlating and analyzing petabytes of machine data. With built-in solutions and machine learning algorithms baked into the service, you can detect and fix issues, before it impacts users - no matter what type of platform, or which public cloud service you use.
Key benefits
Collect and correlate data from multiple sources, enabling integrated monitoring and diagnostics of the cloud and on-premises environment, across multi-vendor solutions
Discover application components and map their connections across servers, processes, and ports, for complete visibility of multi-tier services
Visualize and alert on the health, performance and utilization of your resources, no matter where they reside and accelerate troubleshooting of issues
Detect and respond to issues before they impact your users, with continuous monitoring across development and IT operations workflows.
Learn, iterate, and improve the performance and usability of your apps and services using real-time insights with machine learning and ad-hoc analytics
Talk through the investments of what MSFT/Azure sees as important for enterprise cloud management platform
The combination together is powerful. Truly integrated capabilities SaaS management and security.
To be successful in the Cloud era, enterprises must have visibility/metrics and controls on every component to pinpoint issues efficiently, optimize and scale effectively, while having the assurance the security, compliance and polices are in place to ensure the velocity.
Native Security and Management in Azure
Enterprise grade capabilities natively from the cloud provider Azure
Integrated and interconnected across data and experiences
Management capabilities included with the flexibility to increase or choose 3rd party
Can make the point that for those familiar with OMS these were the foundation for what we now have natively within Azure.
5 main areas:
Secure: While Azure is trusted and secure platform, you as a customer have your own security settings you need to manage. You also need to be able to protect your individual machines against threats and monitor the security posture of your system.
Protect: Your VMs and applications in the cloud need to be backed up and protected in the event of data loss. With disaster recovery from on-prem to the cloud, or from one cloud to another, you can avoid downtime and keep your applications up and running.
Monitor: Every operations manager and every developer needs to be able to see the health and performance of their applications, infrastructure, and network. And seeing insights across all three together in a single dashboard can save time and resources in troubleshooting and preventing issues in the future.
Configure: For managing Azure and hybrid workloads at scale, automation and configuration capabilities help you create runbooks to automate tasks, manage the configuration settings and track changes, and monitor and deploy missing updates. Additionally in Azure you can use PowerShell and Cloud Shell for command line scripting.
Govern: Many customers need a way to look across cloud resources to assess and enforce enterprise-wide standards and policy compliance for security and management. In addition, they need to manage and monitor costs for the cloud. We recently acquired Cloudyn, a multi-cloud cost management solution to help our customers with this challenge.
Key investment themes
Site Recovery Benefits:
Automated VM level Replication
RPO of seconds and RTO of minutes
No impact DR Drills with Test Failover
Planned and unplanned failover
Orchestrated Recovery Plans for Disaster Recovery
Failback support
Migrate to Azure from anywhere
Create on-demand test copies in Azure
39
There are a bunch of interesting new capabilities so lets get started with the first area: Intelligent APM
As modern app developers, we all know how crucial it is to detect, triage and diagnose problems before they start affecting our customers. With Application Insights you get all the tools to make your diagnostics experience smarter and find and fix problems before your customers know it!
Detect: One of the most crucial things is to be able to detect issues as soon as they happen, and be alerted instantaneously. However, the issue with alerts is that it requires you to have a threshold and more often than not, you don’t have any idea. Moreover, in the complexity of modern app architecture, even an army of analysts sitting in front of a dashboard cannot detect all the different things that can go wrong. That is where proactive diagnostics come into play. With our Machine Learning based technology, you can be alerted on real time service disruptions and anomalous patterns in your app performance and behavior, with thresholds constantly evolving based on your app architecture and performance patterns.
With dashboards you can pin all the charts and KPIs across your Azure resources at a single place and share with your colleagues. You can also take advantage of the new live stream metrics to see what is going on with your application metrics at this right very moment.
Triage: Once you detect an issue, the next thing is to figure out its impact and whether it is priority enough to solve right now. With Application insights you can find out the real user impact of any exception and take decisions accordingly. With the new Application Map you can automatically detect your application topology across dependencies and client & server side components. You can find the impact assessment and click through to underlying Azure resources to find the right information.
Diagnose: Once you decide to fix an issue, you need all the context to solve it, and with our out-of-the box telemetry collection, you will have all the data you need. What’s more, if you are developing Azure Cloud Services or App Services, you can get much deeper diagnostics information, covering some of the role lifecycle issues and other performance problems.Operationalize: Once you have been through the Detect, Triage & Diagnose cycle, you can set up your own custom alerts based on the thresholds you discovered and keep being on top of things!
OK! So, lets get to our next area: Analytics
As we mentioned in the beginning, Analytics is a new capability in Application Insights we just announced at Build. And, I should say it is one of my most favorites.
In a modern app architecture with various tiers and components, it is often very difficult to diagnose problems or gaps across the entire app stack unless you can connect the various perspectives.
With our new big data query engine, you can do that very easily and find all the answers to do the root-cause analyses.
You can ask ad-hoc queries across your entire app telemetry and even do full text search to discover the right data sets.
What powers the Analytics experience is a powerful query language we launched as well.
Read through the points…
And the best thing with Application Insights is that since we collect telemetry across your application stack, you can correlate data across your Service Performance, Business Metrics and Customer Experience and generate unique insights helping you answer tough questions almost instantly.
To put it in perspective, some very high scale Microsoft services are using it today sending us Terabytes of data over which they can get answers to their queries in as little as a few seconds. E.g. internally the service ingests over 1 trillion events and 600TB a day of log data across hundreds of Microsoft cloud services. Yes, 600TB a day – that’s many petabytes of retained log storage in just one month.
Lets switch gears to our 3rd area: DevOps. As developers we would be using one or the other dev environment and have some DevOps workflows that we would be using! Having the diagnostics experience integrated with our existing practices makes it so very easy and useful! If you use Visual Studio or Visual Studio Team Services, there are a bunch of integration points that you can take advantage of.
What also makes Application Insights powerful is how it is designed to be flexible and extensible to help you get insights suited to your particular needs.