Cisco announces “AI Assistant for Security”

Last month, and now just a few weeks away from Cisco Live, Cisco have announced they are bringing a new “AI Assistant for Security” to market this year. This is an artificial intelligence tool that combines generative AI technologies with an “unparalleled scope of data” , giving IT/SecOps teams the ability to generate more secure, AI-driven insights that span devices, applications, security, networks, and the internet .

“AI Assistant for Security will help provide better protection to our customers by simplifying management for both seasoned administrators and novice users. Our aim is to inject generative AI and unify telemetry across all Cisco Security solutions to create a more effective experience and safeguard our customers”

Brian Feeney | VP Global security partner sales | Cisco

Cisco AI Assistant for Security marks a major step in making artificial intelligence pervasive in the Cisco Security Cloud. Starting with the Cisco Secure Firewall Management Center, Cybersecurity professionals will be able to leverages Cisco AI Assistant for streamlining and automating firewall management both on premises and in the cloud.

Firewalls first – more later

Cisco have said that they will launch the AI Assistant for firewall as soon as Spring 2024, with this representing a great opportunity for their partners and customers to start leverage the advantages of AI.

Cisco say this will be included and integrated into their cloud-delivered Firewall Management Center with no additional charge. Longer term, Cisco said they plan to extend it to their other firewall management tools later.

Why? Well, according to Gartner, Configuration complexity and inconsistent rules are among the highest cause of security risks and breaches when it comes to configuring networks and firewalls with misconfiguration being the cause of nintey nine percent (99%) of all firewall breaches.

Image (c) Cisco

The AI Assistant for Security is built on “Ciscos foundation of security, data protection, and privacy, guided by Cisco’s responsible AI principles and framework”. Their AI assistant is trained on Cisco’s huge security-focused datasets, (Talos) which analyses more than 550 billion security events daily and helps IT and SecOps teams in making informed decisions, enhancing their tooling and reporting capabilities, and automating intricate tasks.

“Cisco is harnessing AI to reframe how organisations think about cybersecurity outcomes and tip the scales in favor of defenders. Cisco combines AI with its breadth of telemetry across the network, private and public cloud infrastructure, applications, internet, email, and endpoints. “

Jeetu Patel | VP security and collaboration | Cisco

Cisco say that their Cisco AI Assistant for Security is a major step forward in making artificial intelligence relevant and pervasive in the Cisco Security Cloud – their unified, AI-driven, cross-domain security platform. Cisco Secure Firewall Management Center will be the first platform to leverage the AI Assistant for Security to simplify firewall management.

This should make it much easier to manage and maintaining firewall rules and policies, by enabling administrators to “talk to and administer” the platform to with natural language to find policies, understand rules, spot anonomises and even get suggestions for new rules.

How AI Assistant for Security is different to Microsoft Security Copilot?

Scope

Cisco AI Assistant for Security and Microsoft Security Copilot are both artificial intelligence tools that are designed to help IT and SecOps teams work do efficiently, smarter and safer users work faster, but the platforms and services are different in several ways when comparing to Microsoft Security Copilot.

Cisco’s AI assistant is designed to work across (initially) their firewall services (with other services that make up the Cisco Secure Cloud portfolio coming later), Microsoft Security Copilot is designed to assist cybersecurity professionals in investigating critical incidents across their entire security portfolio including Microsoft 365, their XDR platform, Azure and Sentinel. Microsoft Security Copilot doesn’t work across physical security devices like firewalls so the two services are potentially good complementing services.

Microsoft has combined the power of OpenAI’s large language model with Microsoft’s own threat analysis footprints which is informed by more than 100 different data sources across Microsoft 365,Azure and hundreds of this party data analysis companies. It uses the combined intelligence of more than 65 trillion threat signals every day to provide company and sector specific insights, alerts and guidance.

Use Cases

Currently AI Assistant for Security is designed to help organisations better configure their security services (starting with firewalls), detect inconsistencies (for example across different sites, service or offices). This will expand over time however and we expect more to be annouced in Feb 2024 at Cisco Live in Amsterdam.

Use cases for Microsoft Security Copilot include for example the ability to allow admins to use prompting language prompting to ask Copilot to  acreste an exec level report on an incident response for a particular ongoing investigation. Copilot will pull data across multiple sources based on the set of interrelated and connected tools and services. Another change of prompt for example could the see Copilot provide more information, change how it displays or summarises the report, or even create lessons learned documents or suggest changes in process.

Cost

According to Cisco, the AI assistant for Security will be generally available for firewall customers in the spring of 2024 at no additional cost via the cloud-delivered Firewall Management Center (FMC) and expanding to other management tools in the future.

Microsoft Security Copilot, however, which is currently in paid public preview is expected to cost >$100k when it’s officially availabily later this year.

A better together story?

As you can see the Cisco and Microsoft’s offering in this space is quite different. While Cisco see their AI Assistant for Security as a way of differentiating their brand in the cyber security space and to leap ahead of the competition in this traditional secoery space (think Palo, HPE, Dell, Checkpoint etc), Microsoft Security Copilot is more geared towards collating security signals from the organisations configuration, reports and signals from Microsoft’s own threat intelligence of 65 Trillion signals, the organisations configuration and third party connected signals to provide almost an AI powered cyber security team.

I very much see this as a “use both” better together theme.

Closing Thoughts

According to Gartner, Configuration complexity and inconsistent rules are among the highest cause of security risks and breaches when it comes to configuring networks and firewalls with misconfiguration being the cause of nintey nine percent (99%) of all firewall breaches.

As such, launching this with a “firewall first” approach is a sensible move by Cisco to add more value to their offering through the use of embedding generative AI into their core security product base without adding a surcharge or making it “Premium”. It should help to further position Cisco as a Leader in the security space against the fierce completion. I look forward to this being available and for Cisco to increase it’s reach over time to the rest of their portfolio.


Read more

You can learn more about Microsoft Security Copilot at and Cisco’s AI assistant below.

Cisco Announcement and Blog: Help Firewall Admins With Cisco AI Assistant for Security

Cisco AI Assistant: Cisco AI Assistant – Cisco

Microsoft Security Copilot: https://www.microsoft.com/en-us/security/business/ai-machine-learning/microsoft-security-copilot



Microsoft are investing £2.5 billion for AI Data centres skills in UK

Microsoft has announced its biggest investment in the UK in its 40-year history, with a commitment to spend £2.5 billion over the next three years to expand their AI data centre infrastructure and train one million people for the AI economy.

This investment will more than double Microsoft’s data centre footprint in the UK, and will see them add more than 20,000 GPUs to the UK data centres for AI tasks by 2026. The new AI infrastructure will be located across in London and Cardiff, with future expansion into northern England.

Microsoft is committed as a company to ensuring that the UK as a country has world-leading AI infrastructure, easy access to the skills people need, and broad protections for safety and security.

Brad Smith |  President | Microsoft


This investment was announcement at the Global Investment Summit, where the UK government unveiled they were investing £29.5 billion into the most innovative sectors, including tech, housing, science and medicine, renewables, and UK infrastructure.

Microsoft are one of the founding fathers of modern technology and today’s announcement is a turning point for the future of AI infrastructure and development in the UK.

Rishi Sunak | UK Prime minister


Microsoft’s investment will help bolster the UK’s growing AI sector, which already contributes nearly £4 billion to the UK economy and employs around 50,000 people. Microsoft are also extending their Accelerating Foundation Models Research (AFMR) programme to provide prioritised access to GPUs for science, medical and research purposes.

To ensure the funding drives tangible outcomes, Microsoft are also investing millions of pounds into training, with a goal to train one million people with the skills they need to build and work with AI, including diducated pots of training support for AI start ups with a join goal with the UK government to accerate the UK in becoming a technology, science and AI superpower.

We are proud to be making this significant investment in the UK’s future as a global leader in AI. This is a critical moment for the UK to harness the power of AI to drive innovation, create new jobs and improve lives. We are committed to working with the UK government, universities and businesses to make this vision a reality.

Brad Smith | President | Microsoft

The investment comes as the government agreed a new Online Fraud Charter with tech companies, including Microsoft, to clamp down on attempted fraud taking place on their and other platforms. This represents the first agreement of its kind in the world and will help protect enterprises and consumers from online scams, phishing attacks and fraud.

The pace of change in AI demands action today to build a prosperous future for the UK tomorrow. Today marks the single largest investment in our more than 40-year history in the UK.

As business and the public sector embrace the AI opportunity, we are building the infrastructure that will support the growth they need, training the people who can deliver it responsibly and securing our society against emergent threats.

Clare Barclay | UK CEO | Microsoft

Why I can’t stop using Windows 365 CloudPC

I wanted to share my personal experience of using Windows 365 Cloud PC as my main device for the past 4 weeks since getting access to this as part of our partner internal use rights!

In short, I was using this both to test it out, but also because my new laptop had not arrived so I was left with the option to re-image an old one or repurpose our “home” laptop and use it as a gateway to Windows 365 – I chose the latter.

Four weeks later, using Windows 365 every day as main device, I simply can’t and don’t want to give it up. Even though I now have my brand new and awesome Surface Pro 9 device – I still haven’t get turned this on and am still choosing to use our seven year old Surface Laptop running Windows 10 (it won’t run Windows 11) with Windows 365 Cloud PC.

Why I love Windows 365

I keep asking myself the same question – why Windows 365 Cloud PC when I have a nice new Surface Pro to use. Well – Windows 365 Cloud PC gives me a seamless, secure, responsive, and flexible experience on the same device that I (and the family) share do everything else on – it’s essentially now become two devices in one and the experience is amazing – both for corporate use and for home use with out compromising anywhere!

It’s also great to have in your pocket when you bring the wrong device to work!

Here are some of the reasons why I love Windows 365 Cloud PC and how it is totally changing my perception on Cloud Computing.

  • Seamless experience: With Windows 365 Cloud PC, I can access my Windows 11 Enterprise Corporate Managed Desktop instantly on my personal device (or from any other device), anytime and anywhere I need to. I don’t have to worry about syncing files, installing apps, or using web apps.
  • Secure and Compliant: When traveling about, I also don’t have to worry about compromising my personal and work experiences, compromising corporate security or risk having any company data leak onto my personal device or stol n from dodgy WiFi hotspots. With Windows 365, my dideicated Cloud PC is in the Microsoft Cloud – ready for me to use at any time.
  • Connecting from almost anything: I can switch from my personal laptop to my phone (I can use Samsung DEX on a TV) or even access via my Xbox via the Edge Browser. Where ever I resume from – me session is exactly where I left off.
  • Responsive performance: Windows 365 Cloud PC is fast and smooth. I can run multiple apps, browse the web, and stream videos without any lag or stutter. This means the lowest spec device can perform like a powerhouse. The best part is that I don’t have to worry about the physical condition of my device, because the heavy computing work is done on the Microsoft Cloud.
  • Lightening fast Internet speed always since my Cloud PC is in Azure, I get superfast access to the web and my cloud apps regardless of the speed my physical device is using.
  • Flexible: Windows 365 Cloud PC is not a one-size-fits-all solution. It’s a service that can cater to different sized organisations and needs of each user.

Here’s a quote from myself about how Windows 365 Cloud PC improved my productivity and efficiency:

Windows 365 Cloud PC is a game-changer for me. It allows me to work from anywhere, on any device, with the same performance and functionality as a physical PC. I can easily switch between tasks, collaborate with others, and access my files and apps in the cloud. I literally have my corporate desktop with me on any device at anytime, wherever I go.

Pricing and Licensing

OK… So take a seat as on the surface the cost of Microsoft 365 can look expensive.

Firstly, Microsoft offers two subscription models, Windows 365 Business for smaller businesses and Windows 365 Enterprise for larger ones.

Prices are per user, per month subscription based and range from £26 per user per month for the base model (2CPU/4GB RAM/64GB HDD) but can be as much as £146 a month for a powerhouse configuration of 8 CPU/32GB RAM/512HDD.

Both models share the same range of features and provide thirteen Cloud PC configurations to choose from to blend the right spec with the right person and role of Cloud PC within the organisation. Here is the full range of specifications:

Image (C) Microsoft.

Unlike virtual apps and shared/pooled desktops (such as Azure Virtual Desktop), with Windows 365, each user gets a dedicated corporate Cloud PC, meaning it will run all the apps they need to use.

IT managers dream…

Managed by Intune: Like physical PCs, Windows 365 Cloud PC is managed from Intune. IT can Configure auto patch, install and schedule apps, use Autopilot for zero touch provisioning, reset and reissue devices, up size (upgrade) and down grade the specification on the fly. Intune provides details stats on performace, usage and even makes recommendations on down or up sizing of the PC based on usage and performace

Smooth Migrations: IT can choose between Windows 10 and Windows 11 (or make both available to users). This can also be helpful as a migration and training method to prepare users for Windows 11. IT can also choose to give users local admin control (or not) and can even allow users to reset their Cloud PC devices themselves.

Good bye to hardware failures: Since Windows 365 runs in the cloud, there’s no hardware to go wrong. If a users physical laptop (or TV, xbox, phone etc) fails, nothing is lost.. They can resume on a new/different device and session continues where they left of… Even the cursor stays in the sale place!

The downsides?

To be honest, from a user experience there aren’t many, unless you are working where there is no or poor internet access. Writing this, I am sat in Nero on “free wireless”, knowing my connection is secure and I’m accessing my Corporate Device through an encrypted connection, with no data leaking between the host (personal PC) and my corporate device.

The price tag can be “off putting” but the ROI is high when you take into account carbon reduction (runs in Microsoft carbon neutral data centres), cost of hardware, repairs, re imaging, recycling, replacement every 3 years, and costs due to lost or stolen devices. Do the maths…

Cloud PC is not for every one… You’ll find great use cases and bad ones.. Such as contractors, new starters, remote and over seas staff, developers, finance and other specific roles. I cover use cases in a separate blog post…

Note: Offline Access is coming for Windows 365

Free to try for 30 days

Organisations interested in trying out Windows 365 Cloud PC, can speak to their Microsoft Partner and obtain a free 30-day trial, or buy a subscription from Microsoft 365 admin centre.


I hope you enjoyed reading my blog about Windows 365 Cloud PC.

If you have any questions or feedback, please leave a comment below. Thank you for reading!

Microsoft Ignite 2023: A new family of Copilots announced.

At Day One of Microsoft Ignite 2023 yesterday [Microsoft Ignite is Microsoft’s annual conference for IT techies, leaders and business decision makers, which is being held digitally and in-person at Seattle this week], the word Copilot certainly dominated almost every session (even those that weren’t specifically focussed on Copilot!).

The dominant themes of the event so far, has been around the role of generative artificial intelligence (Gen AI) in transforming businesses and empowering users.

With so many Copilots being announced since March this year (Microsoft 365 Copilot, Bing Chat, Security Copilot, GitHub Copilot etc.,) Microsoft used Ignite standardise the Copilot branding. Microsoft promoted the concept of a single “Microsoft Copilot” experience that works across all their apps and services, as well as a new Copilot Studio to allow organisations to build their own Copilots with “One experience across work and life“.

Copilot logo | Image (c) Microsoft

Whilst the branding made sense from a brand perspective, not all Copilots are the same which will no doubt make it difficult for many to understand – the previous names (whilst they did not roll of the tounge) were, IMO, easier to understand.

There are multiple different Microsoft Copilots. And GitHub Copilot and the Copilots used in Windows or Microsoft 365 apps have little in common and in some cases are trained on different LLMs to perform their core functions. Microsoft 365 Copilot is vastly different to Bing Chat for example – both are now simply called “Copilot”.

This blog attempts to summarise the key announcements and insights about the new Copilots from Microsoft Ignite 2023.

Recap: What is a Copilot?

In case you’ve been asleep for the past 8 months, “Copilot” is an AI assistant that helps users with specific tasks or scenarios, such as writing code, creating presentations, searching the web, or chatting with customers. In short, a Copilot can provide suggestions, recommendations, insights, or take in-app actions based on the user’s context, preferences, and goals. Copilot can also learn from the user’s feedback and behavior to improve its performance and relevance over time.

Microsoft has been developing and deploying Copilots across its product line since the start of the year and at Ignite 2023, they announced plans for a load more Copilots – some of which are now in preview, whilst others are still “to come”. Remember these will also be different and serve different purposes but will all fall under the new unified Copilot branding.

Microsoft have also launched a new and adaptive Copilot Website which will adapt to your experience dependent on your license entitlement. This can be found at https://copilot.microsoft.com

copilot.microsoft.com

We know how Microsoft like to name, rename, and then revert again (they did with Intune recently) so I wouldn’t be surprised if a different (or original) naming convention appears in the coming months!

Welcome to the new Copilots

Microsoft announced a bunch of new Copilots at Ignite 2023 which I have summarised below. I’ll share more updates on these are they move into preview or when I attend more of the live sessions.

  • Microsoft Copilot Studio: This is what will allow organisation to be build their own copilot and plug-ins using similar low-code tool as customers that use Power Platform will be familiar. This will allow organisations to build their own Copilots that can integrate their own data and back-end with the Microsoft eco system and Microsoft Graph. Copilot Studio can also work with OpenAI’s newly announced GPTs. Copilot Studio will be included within Microsoft Copilot for Microsoft 365 licenses (aka Microsoft 365 Copilot).
  • Microsoft Copilot Dashboard: This is public preview now and has been designed to help organisations that have got Microsoft 365 Copilot Licenses. This will help IT better analyse usage across apps and measure the impact on productivity that Copilot provides. Microsoft also said that organisations with Viva Insights will also get enhanced dashboard capabilities around how Copilot is helping them be productive and manage time.
  • Copilot for Service: This new Copilot connect is designed to connect Microsoft Office applications with third-party CRM and Contact-Center solutions. This will have a $50 pupm price tag, but will include a Microsoft 365 Copilot license, and will be generally available sometime early 2024. There will be a public preview in December.
  • Copilot for Azure: Annouced and already in preview – Copilot for Azure is designed to help Azure customers with designing, operating, optimising and troubleshooting their Azure workloads, infrastrucutre and applications.
  • Copilot for Fabric: This was originally announced back in May 2023 and includes several new AI assistants across the platform such as Power Automate. Each one will use the underlying Fabric analytics platform but will be designed for a different Fabric “experience” This is in preview now.
  • Copilot for Cosmos DB: This is essentially about helping developer write “NoSQL” queries. It will be embedded into the Cosmos DB Data Explorer and is a free tool for developers.
  • Copilot for Viva: This was orginally announced back in April this year. These are going into Public Preview in stages over the next few months for each tool within the Viva Suite.
  • Copilot for Loop: Loop is a new collaborative work space that lets you share workspaces, pages and compents of conent across difereince apps and services. The went into General Availability yesterday and it too is getting it’s own Copilot. The license for this is included within the Microsoft 365 Copilot license.

A new single website for all your Copilots – see above.

What are the differences and similarities among the Copilots?

While Microsoft wants to promote the idea of a single “Microsoft Copilot” experience that works across its software and services, the reality is that each Copilot has a different license, is trained on different data models (LLMs), performs different functions, and has also have different security and data permissions.

For example, GitHub Copilot, which helps users write code in various programming languages, is powered by OpenAI’s Codex model, which is trained on billions of lines of public code. GitHub Copilot is available as a technical preview for GitHub users who sign up for the waitlist. It is free for open source projects and personal use, but requires a paid subscription for commercial use.

On the other hand, Microsoft 365 Copilot, includes Copilot for PowerPoint, which can helps people create, update and innovate presentations from different data sources across Microsoft 365. It is powered by Microsoft’s “business ready” GPT-4 model, which is private to an organiation (no data leakage) and is grounded in your organisations Microsoft 365 Graph data. It also has access to the a large corpus of text from the web and other sources and can search the internet. PowerPoint Copilot is part of Microsoft 365 Copilot . PowerPoint will also have access to the Open AI DALLE-3 image creator.

Another example is Bing Chat (Consumer version), which helps users chat with Bing and get answers, information, or entertainment. Bing Chat is powered by Microsoft’s own Turing-NLG model and Chat-GPT4, which is trained on a large corpus of text from the web and other sources. Bing Chat is available as a free service for anyone who visits Bing.com or uses the Bing app. It does not include data protection or compliance features.

On the other hand, Bing Chat Enterprise, which helps users chat with their organisation’s data and apps. This is powered by the same , is powered by the same ChatGPT4 model and Turing-NLG model as Bing Chat, but does include data protection and compliance so it can bve used safely within an orhanistion without risk of data leakage. Bing Chat Enterprise is available as a paid service for Microsoft 365 subscribers and is included in Microsoft 365 F3, E3, E5, A3/A5 (faculty only), Business Standard and Business Premium plans.

As you can see, there are significant differences among the Copilots in terms of their data sources, functions, security, and licensing. However, there are also some similarities and commonalities among them.

For example, most of the Copilots use natural language processing (NLP) and natural language generation (NLG) techniques to understand and communicate with the user. Most of the Copilots also use reinforcement learning and active learning methods to learn from the user’s feedback and behaviour, and improve their performance and relevance over time. Most of the Copilots also use a similar user interface and interaction model, where the user can type or speak to the Copilot, and the Copilot can provide suggestions, recommendations, insights, or actions in a conversational manner.

What are the benefits and challenges of using Copilots?

Copilots will no doubt bring many benefits for users and organisations on a scale we are only just begining to image.

Microsoft shared some data from their latest work tend index report (link here) that Early adoptors of Copilot said users don’t want to go back to working without it with 77% saying they don’t want to give it up.

  • Saving time and effort: Copilots can help users complete tasks faster and easier, by providing guidance, assistance, or automation. For example, GitHub Copilot can help users write code faster and with fewer errors, by suggesting code snippets or completing code blocks. PowerPoint Copilot can help users create presentations faster and with more impact, by suggesting layouts, designs, or content.
  • Enhancing productivity and creativity: Copilots can help users achieve more and better outcomes, by providing insights, feedback, or inspiration. For example, Excel Copilot can help users analyze and visualize data better, by suggesting formulas, charts, or tables. Word Copilot can help users write and edit documents better, by suggesting words, phrases, or paragraphs.
  • Enabling learning and discovery: Copilots can help users learn new skills and discover new information, by providing explanations, examples, or resources. For example, Power BI Copilot can help users learn how to use Power BI better, by providing tutorials, tips, or best practices. Bing Chat can help users discover new facts, trivia, or entertainment, by providing answers, information, or fun.
Data from Microsoft Nov 23 Work Trend Index image (c) Microsoft

However, using Copilots brings about challenges and risks – some real, some perceived – such as:

  • Trusting and verifying: Since Copilots work on the available data, that can “make mistakes” or provide inaccurate or inappropriate suggestions, recommendations, insights, or actions, due to the limitations or biases of their data, models, or algorithms. Organisations need to provide training to users and make sure they understand the need to verify and review any content generated by Generative AI in order to be able to trust and verify the Copilots’ outputs. This may include checking their sources, methods, or evidence. People can also, and should be encouraged to provide feedback and corrections to the Copilots, by rating, reviewing, or reporting their outputs.
  • Protecting and complying: There are concerns that these Copilots “could” access or expose sensitive or confidential data or information, due to the nature or scope of their tasks or scenarios. Copilot in fact, operates under the context of the person using it so t has the same level of access than it’s “pilot” has. Organisations will need to review their data security and compliance policies to ensure the right permissions, controls and protections are in place. Copilot wont break these polcies but may well expose weaknesses in them. Organisations need to review data sharing polcies such as Data Loss Prevention to prevent confidential data leaving the organisation that Copilot has created. Employees need to need to be re-educated on this in many cases to ensure they understand how to use the various Copilots and how they work with your organisational data, the language models and the web. Users may also need to be aware of the Copilots’ privacy and security policies, by reading, understanding, and agreeing to their terms and conditions.
  • Balancing and controlling: Another concern of using AI tools is that these Copilots may “influence” or affect the user’s decisions or actions, due to the power or authority of their suggestions, recommendations, insights, or actions. Users need to be able to balance and control the Copilots’ impacts, by applying critical thinking, judgment, or ethics. Users also need to be able to choose and customize the Copilots’ settings and preferences, by adjusting their levels, modes, or options. You can read Microsoft’s guidance on Responsible AI here.

Conclusion

GenAI is going to be infused into every tool and product Microsoft has and with Copilot Studio, organisations will be able to build their own plug-ins, connectors or deicated Copilots for every business need. 2024 will be the year all these annoucements really come into fruiotion. Its gonna be a roller coaster.

Copilot (what ever flavour) is still in preview or new and many will be looking to see real life ROI and drive organisational pilots to help.


Read more.

The end of Windows Server 2012 – Band-aid it or innovate it?

What has happened?

Support for Windows Server 2012 and Windows Server 2012 R2 ended on 10th Oct 23.

This means that the security updates that rolled out in this month’s Patch Tuesday was the last for Windows Server 2012, meaning that there will be no more security updates, non-security updates, bug fixes or technical support.

What are my options

With any end of support stages, there are always options. In short these can be summarised as:

  1. Do nothing [not the best idea]
  2. Upgrade to a supported version of Windows Server [this means upgrading to Windows Server 2022]
  3. Purchase Extended Security Updates (ESUs) for Windows Server 2012 – [these provide one to three years of security updates only – no new feature or bug fixes]
  4. Migrate the on-prem 2012 servers to Azure [by doing this and receive up to three years of free Extended Security Updates (ESUs) for free]

Option four is a logical choice for most – from an operational, cost and sustainability perspective – besides of course mitigating the immediate increased security risk (with free security updates for 3 years)

So why is now the right time to migrate and modernise with Azure?

Shifting on-prem servers to Microsoft Azure provides many benefits including reduced maintenance/support costs, less/no power usage (good for your CO2 numbers), flexible and predictable pricing, and an opportunity to migrate and modernise the workloads running on these servers to platform-as-a-service (PaaS) for example Azure SQL or Azure App Services. You can of course migrate to Azure and still upgrade to Server 2022 if you are not ready to move to PaaS 😊

Your Azure / Cloud Partner can help

Many organisations are eligible for “migration assistance”, usually in the terms of funded assistance from their Azure Migrate partner or directly through Microsoft. Depending on where you are on your Cloud journey, the Azure Migrate and Modernisation Program is designed to simplify and accelerate an organisations cloud migration and modernisation projects and offers by working with a certified Azure partner.

Working with Microsoft and your Azure partner (like Cisilion) can help you by providing: –

  • A Proven Approach: We use best practices based on the Microsoft Cloud Adoption Framework for Azure and Well-Architected Framework at every stage of your cloud adoption journey.
  • Expert Assistance: We provide industry and hands on guidance direct from certified Azure engineers – we help by assessing your environment, planning migrations, and can support your transition.
  • Inclusive support: If you choose to use us as your Azure partner, we can also provide your Azure licensing through the Cloud Solution Provider programme (CSP) which includes inclusive 24/7 support at no extra cost.
  • Cost Savings: Our expertise in cost optimisation, platform design and fin ops means that not only can we help you minimise migration costs (with funding assistance), but we ensure right sizing, the right licensing models and the right terms – typically saving organisations more that 38%.

Microsoft September 2023 News: The new and exciting stuff

Microsoft hosted a live Surface and AI event on Thursday 21st September where they announced a lot of new and exciting features and products across its various platforms and services. In this blog post, I have tried to summarise the most notable ones and explain how they might benefit you and your organisation.

Disclaimer (and product plug) - Since this was an AI event in whole, I also want to state that other than some slight tweaks, this blog post was written by Bing Enterprise Chat - Microsoft Designer created the image. The whole thing took less that 10 minutes. 

Copilot: Your AI Assistant at Work and Beyond

Copilot is a new feature that uses artificial intelligence (AI) to help you with various tasks, such as drafting emails, summarizing texts, creating images, and more. You can access Copilot from Windows 11, Microsoft 365, Edge, and Bing, and chat with it in natural language. Copilot will understand your intent and provide relevant assistance based on the context and your data.

For example, you can ask Copilot to draft an email for you with a specific tone, or to generate a graphic art based on your description. You can also use Copilot to answer questions, troubleshoot your PC, control your settings, and access recommendations. Copilot is designed to save you time, reduce your cognitive load, and ignite your creativity.

Copilot will be generally available for enterprise customers on November 1st, and for a select group of consumers and small business customers as part of the Early Access Program (EAP). It will initially be limited to three hundred licenses and will cost $30 per user per month.

Windows 11: The Most Powerful and Personal Windows Ever

Windows 11 is the latest (and IMO best) version of the Microsoft’s desktop operating system that powers millions of devices around the world. Windows 11 offers a fresh and modern design, improved performance, and security, and a more personalised and connected experience. They announced the latest update coming next week (Sept 26th). Some of the new features in Windows 11 will include:

  • An updated Start menu that gives you quick access to your apps, documents, and settings.
  • An updated Taskbar that lets you easily switch between multiple instances of each app, hide the time and date, and end tasks with a right-click.
  • A new Dev Home that helps you set up your development environment by downloading apps, packages, or repositories, connecting to your developer accounts and tools, and accessing experimental features in WSL.
  • A new Dev Drive that provides a fast and secure storage volume for developers, with a file system that delivers both performance and security.
  • A new WinGet Configuration that simplifies the setup process for developers by reducing it to a single command.
  • New Gallery in File Explorer that makes it easy to access your photo collection across all your devices.
  • A new Snipping Tool that lets you record your screen with audio and mic support, copy and redact text from a screenshot, and edit your images with Paint.
  • A new Photos app that has new editing capabilities to achieve stylish background blur effects and makes it easier to find specific images backed up in OneDrive.
  • Updated Narrator that uses natural human voices in new languages, and lets you use voice access to log in to your PC and access other areas on the lock screen.
  • Refreshed Notepad app that automatically saves your session state, allowing you to close Notepad without any interrupting dialogs and then pick up where you left off when you return.
  • A new Instant Games feature that lets you play your favorite casual games directly from the Microsoft Store without the need to download and install them on your device.
  • Windows Copilot – Your Copilot for Windows.

Windows 11 also announced general availability of Windows 365 Boot and Windows 365 Switch, which allow you to log into your Windows 365 Cloud PC as the primary Windows experience on the device or easily switch between the Cloud PC and the local desktop. Windows 365 is a cloud PC service that lets you stream a full Windows experience from anywhere on any device and is fully managed from Intune.

This update will start rolling out as a free update on September 26th.

Surface: The Ultimate Devices for Work and Play

Surface is Microsoft’s line of devices that combine innovative design, powerful performance, and versatile functionality. Surface devices are built to work seamlessly with Windows 11 and Microsoft 365, offering the best productivity and creativity tools for work and play. I am a massive fan of Surface

The new / refreshed Surface devices include:

  • Surface Laptop Studio 2: The most powerful Surface ever built, with the latest Intel Core processors, NVIDIA Studio tools for creators, touchscreen display, and flexible design with three unique postures.
  • Surface Laptop Go 3: The lightest and most portable Surface Laptop, with touchscreen display, premium features like an incredible typing experience and a Fingerprint Power Button, and four stylish colours.
  • Surface Go 4: The baby Surface Pro is this time, available only for corporate and not consumer market (why??), the device is the same dimensions as before but is more repairable (the most repairable and sustainable device int he Surface Fleet). It ditches the 4GB RAM option (good) and brings a higher spec entry level processor. Pricing increases too which is a shame as is ditching consumer market. These are great for school kids.
  • Surface Hub 3: The ultimate collaboration device for teams, with a large interactive display that runs the Microsoft Teams Rooms experience. Surface Hub 3 pairs seamlessly with Teams-certified devices and supports Hub on day one. There was also an upgrade announced for Surface Hub 2S customers to upgrade to Surface Hub 3,

The new Surface devices are available for pre-ordering now.

Microsoft 365: The World’s Productivity Cloud

Microsoft 365 is a cloud-based subscription service that offers the best productivity apps for work and life. Microsoft 365 includes apps like Outlook, Word, Excel, PowerPoint, OneNote, OneDrive, Teams, Stream, Loop, Clipchamp, and more.

Microsoft 365 Copilot (which will be available from 1st November) is an add-on service at $30 per user per month and provides in-built AI-powered features and services that help you get more done across all your Office 365 apps and services – with support also coming to Microsoft Designer, Loop and Clipchamp and more.

Some of the new features and services in Microsoft 365 include:

  • Copilot in Outlook, Excel, Word, Loop, OneNote, Stream, and OneDrive: Copilot is integrated into various Microsoft 365 apps to provide AI assistance for different tasks. For example, you can use Copilot in Outlook to draft emails, in Excel to create charts, in Word to summarize documents, in Loop to generate content blocks, in OneNote to take notes, in Stream to transcribe videos, and in OneDrive to find files.
  • Generative Expand, Fill, and Erase in Microsoft Designer: These features let you manipulate images in creative ways, such as expanding the canvas, filling in missing areas, or erasing unwanted objects. Generative Erase is generally available now, and Generative Fill and Expand are coming soon.
  • Copilot Lab: Copilot Lab is a feature that lets you learn how to use Copilot effectively, share your favorite prompts with coworkers, and get inspired by other users. Copilot Lab will be accessible to all Microsoft 365 Copilot users once it’s generally available in November.
  • Mobile Application Management (MAM) for Windows: This feature allows employees to access organisational resources through Microsoft Edge from an unmanaged device, while giving IT the ability to control the conditions under which the resources can be accessed.

Bing and Edge: The Smartest Way to Search and Browse

Bing and Edge are Microsoft’s search engine and web browser that offer a fast, secure, and personalized way to search and browse the web. Bing and Edge use AI to provide relevant information and assistance based on your needs and preferences.

Some of the new features and improvements in Bing and Edge include:

  • DALL-E 3 in Bing Image Creator and Microsoft Designer integration: Bing Image Creator is a feature that lets you create images from text descriptions using AI. Bing Image Creator is now powered by DALL-E 3, which produces more realistic and detailed images. You can also access Bing Image Creator directly from Microsoft Designer for further editing.
  • Content Credentials: Content Credentials is a feature that uses cryptographic methods to add an invisible digital watermark to all AI-generated images in Bing. This helps you verify the origin and authenticity of the images. Content Credentials will be supported in Bing Image Creator, Microsoft Designer, and Paint soon.
  • Bing Chat Enterprise: Bing Chat Enterprise is a feature that lets you chat with Copilot from the Edge mobile app. You can also use multimodal visual search and Image Creator from Bing Chat Enterprise.
  • Copilot in Microsoft Shopping: Copilot in Microsoft Shopping is a feature that helps you find what you’re looking for more quickly. You can ask for information on an item, and Bing will ask additional questions to learn more. Then, Bing will use that information to provide more tailored recommendations. This feature will be available soon on both PC and mobile.
  • Personalised Answers: Personalised Answers is a feature that uses your chat history to inform your results. For example, if you’ve used Bing to track your favorite soccer team, next time you’re planning a trip it can proactively tell you if the team is playing in your destination city. Personalized Answers will begin to roll out soon.

Microsoft Advertising: The Best Way to Reach Your Customers

Microsoft Advertising is a platform that helps businesses connect with their customers across the web. Microsoft Advertising offers various solutions and tools to create effective and engaging ads that reach the right audience at the right time.

Some of the new features and improvements in Microsoft Advertising include:

  • Copilot in the Microsoft Advertising Platform: Copilot in the Microsoft Advertising Platform is a feature that simplifies and enhances every aspect of your experience with the platform. You can use Copilot to create campaigns, get content recommendations, optimize your performance, and more. This feature will be coming soon.
  • Compare & Decide Ads: Compare & Decide Ads are a new type of ads that pull relevant data of various products or services into a succinct table. This helps users easily evaluate different options based on their criteria. Compare & Decide Ads will be available for cars initially and will be brought to closed beta in early 2024.

Conclusion

These are just some of the highlights from the Microsoft September 2023 News. There are many more features and products that we didn’t cover here, but you can find them on the current web page context. I hope you are excited about these new developments, and I would love to hear what you are most excited about.

Microsoft announces Microsoft 365 Copilot availabilty

Today (Thursday 21st September) at a live event in New York, Microsoft announced their “revised” vision, release date and confirmation of pricing for Copilot – a “digital companion for your whole life”. Microsoft have said this this Copilot will create a single Copilot user experience across Bing, Edge, Microsoft 365, and Windows (plus more services that will come later). There’s also a new logo!

The Copilot experience promises to be consistent across all platforms and products – Microsoft 365, Bing, and Windows 11.

You can read the full blog from Microsoft here, but in summary here’s all the goodness that was announced.

Image (c) Microsoft

Microsoft Copilot in Windows

This has been in preview with Windows Insiders for a while and is essentially the new and revamped “cortana” [ok its far more than that].  Microsoft describe this as “a digital companion for your whole life” and will be nested into Windows 11 from September 26, 2023. 

  • Windows Copilot will be embedded into Windows 11 and will bring generative AI, search, and the ability to control apps and services within your desktop environment.
  • Currently in preview – will start rolling out starting from September 26 as part of 23H2.
  • Windows Copilot will also support third part app support like Spotify and Adobe.

Microsoft 365 Copilot

Described by Microsoft as “your AI assistant at work”, this was initially announced back in March as been in closed invite only Early Access Preview since June.

Microsoft 365 builds includes enterprise-grade security, privacy, compliance, and responsible AI to ensure all data processing happens inside your Microsoft 365 tenant—using which will be natively built into the Microsoft 365 apps and services everyone already uses like Teams, Excel, PowerPoint, and Word.

  • This will be available for enterprise customers for $30 per user per month
  • It requires a base license of Microsoft 365 E3, E5 or Business Standard or Premium
  • It will be available from November 1st to purchase
  • Includes the new Microsoft 365 Chat (formally Business Chat).
  • Rollout will be staggered – with release first to EA customers who were on the Early Access Programme and then will be available in phases there-after. Customers are advised to speak to their Microsoft Team for more information.

Note: Whilst this is great – IMO it is a little too soon (about 4 months sooner than most expected). Organisations do need to ensure their data lifecycle, governance, compliance, and security is in top shape to get the most from Copilot in Microsoft and there are strong recommendations about getting Copilot Ready – I have covered this here previously. This is an area I’m working a lot with organisation with at the moment – helping with use cases, data preparation, training, awareness, security, and governance.

Bing Chat Enterprise

This has been in public preview for a couple of months for Commercial and Education customers and is the same as Bing Chat for consumer (which is also free) but brings commercial data protection for AI

  • This is available free for Microsoft 365 E3 and E5, Business Standard, and Business Premium customers or at a cost of $5 as a standalone
  • Bing Chat Enterprise adds commercial data protection to Bing Chat, ensuring that sensitive business data is never seen by anyone, never stored, and never used to train the foundation models.
  • Support multimodal visual search and Image Creator and will also be available on Microsoft Edge and Bing mobile app

Oracle database services to be run from Microsoft Cloud

“Rival” tech giants Microsoft and Oracle have announced a deepening of their four-year cloud partnership in a move that will see Oracle physically locating their Exadata hardware in Microsoft’s data centers in order to speed up their apps and improve the customer experience.

Known as Oracle Database@Azure, this will result in Oracles’ customers having direct access to Oracle database services running on Oracle Cloud Infrastructure but deployed physically into Azure data centers. Microsoft and Oracle said this this will mean their shared customers will be able to operate, monitor and manage their Oracle services directly from the Azure Cloud dashboard, instead of having to run a separate Oracle dashboard.

It’s all about AI and Data

AI needs data and and Oracle is big in data!
The reason for the deeper integration between Oracle and Microsoft is to leverage more value in each others services – linking Microsoft’s middleware, AI and software and services with Oracle’s Autonomous Database in a way that will reduce the latency which usually occurs when accessing and acting on data from muti cloud environments.

This extended partnership aims to bring together Oracle’s hardware and software with all the advanced functionality Microsoft brings in their extensive and global cloud services.

“You have to have data to deploy AI, and that data might reside in an Oracle database. With this collaboration, we can bring Azure OpenAI to Oracle data.”

Sayta Nadella | Microsoft.

Accelerating Digital Transformation

Oracles’ Larry Ellison said that this is interesting for existing and new applications. He said that “Many customers have partially migrated to the cloud, but a lot of data is still on-prem… “

With further cooperation between Microsoft and Oracle, both claim this will help speed up and simplify the cloud migration and modernization process by making it easier for customers to get their data into the Cloud and to manage their Oracle and Microsoft cloud services from a single place.

Larry Ellison said at the end of the annoucement that hundreds of their customers are now using the interconnect between Microsoft and Oracle, but their customers still need faster, lower latency integration and this is what this will do. “We’ve made the network invisible and can now interconnect everything (Oracle) within Azure without realising you’re dealing with multiple stacks and multiple technologies”.


This level of partnership and collaboration demonstrates how technology and customer demand have driven more cooperation among software and cloud giants.

“Our expanded partnership with Oracle will make Microsoft Azure the only other cloud provider to run Oracle’s database services and help our customers unlock a new wave of cloud-powered innovation” .

Satya Nadella | Microsoft.

Read the full annoucement here.

Key takeaways from Cisco’s 2023 Network Trends Report

Cisco has just published their 2023 Global Networking Trends Report. This report covers some of the emerging networking trends in the multi-cloud world, and how they affect the IT operations and security of organisations. The report is twenty-one pages long and covers some interesting trends and observations from more than 2,500 IT leaders in 13 countries across North America, Latin America, Asia Pacific, and Western Europe (including the UK).

Image (c) Cisco

My key take aways from the report

  • Hybrid work and multi-cloud adoption are driving the need for innovative approaches to securely connect remote workers to corporate data and assets distributed across multi-cloud environments with a huge need (40% of respondents) to de-silo operations and bring together network and security controls and visibility.
  • Cisco says that “providing secure access to applications distributed across multiple cloud platforms” is the top challenge cited by 41% of networking professionals, followed by gaining end-to-end visibility into network performance and security (37%).
  • Growth and demand for SASE. SASE (Secure Access Service Edge) is a convergence architecture that delivers simplified and consistent security and performance for multi-cloud access and hybrid work. Cisco are a leading vendor in the SASE space which combines SD-WAN (Software-Defined Wide Area Network) and SSE (Security Service Edge) into a single, integrated SaaS security offering.
    • In the report, Cisco highlighted that 47% of respondents expect to connect their branches and remote clients using a SASE model by mid 2025, while 59% said that they will be prioritising centralising and consolidating cloud security over the same period.
  • Extending SD-WAN connectivity consistently across multiple clouds can automate cloud-agnostic connectivity and optimize the application experience. 53% of respondents prioritise integration with cloud service providers for this purpose5.
  • End-to-end network visibility and predictive analytics are essential for ensuring a consistent user experience across the complex digital service delivery chain, especially around SaaS apps with 51% of respondents prioritising end-to-end network telemetry and visibility. 47% of respondents said they will be prioritising predictive network analytics.
  • More organisations are multi-cloud than ever before with 92% of organisations reporting that they use more than one public cloud service (includes SaaS, IaaS and PaaS).

How Cisco Technology can help address these challenges

Cisco provide a comprehensive portfolio of products that can help organisations address many of the challenges of multi-cloud networking and security which fall into the SASE and SD-WAN categories. These include:

  • Cisco SD-WAN with edge security stack or SD-WAN with Umbrella Cloud Security (SASE) both leverage the Cisco Identity Service Engine’s Security Group Access Control Lists for segmentation policy management and enforcement across the WAN.
  • Cisco SD-WAN integrated with Cisco Umbrella SIG for a cloud-delivered SASE model that seamlessly secures access wherever users and applications reside.
  • Cisco Cloudlock, – Cisco’s cloud-native cloud access security broker (CASB) that helps secure your use of SaaS applications 
  • The Cisco SD-WAN and these SSE collaborations provide a range of SASE deployment options for our Partners and Managed Service Providers (MSPs), allowing them to utilize a mix of networking and cloud security solutions to offer multiple managed options to enterprises at various stages of their SASE journey 3.
  • Cisco Secure Access Service Edge (SASE) is a cloud-native platform that combines SD-WAN, SWG (Secure Web Gateway), ZTNA (Zero Trust Network Access), DNS-layer security, CASB (Cloud Access Security Broker).

The table below shows the key challenges discussed in the report and the corresponding solutions from Cisco that can help address them:

ChallengeSolution
Providing secure access to applications distributed across multiple cloudsSASE (Secure Access Service Edge), a convergence architecture that delivers simplified and consistent security and performance for multi-cloud access and hybrid work. SASE It combines SD-WAN (Software-Defined Wide Area Network) and SSE (Security Service Edge) within Cisco’s cloud platform
Gaining end-to-end visibility into network performance and securityCloud-based network detection and response solutions, such as Cisco Secure Cloud Analytics, which provides visibility and threat detection for an organisations’ network across public, private, and hybrid cloud environments.
Extending SD-WAN connectivity consistently across multiple cloudsSD-WAN multi-cloud integrations, which allow networking and cloud teams to accelerate and automate extensions from enterprise sites to various cloud providers and other enterprise sites through Internet, interconnect, or colocation and cloud provider networks.
Siloed cloud, network, and security operationsCloud-centric operating model, which brings cloud operating model principles to the network and across the entire cloud/network IT stack, enabling more integrated workflows and better collaboration between network, security, and cloud operations.
Visibility into end user experience and performance of multiple Cloud SaaS appsCisco ThousandEyes provides real-time and historic view into the availability of thousands of different SaaS apps. It allows IT to monitor all employee’s user’s digital experience against software as a service and on-prem applications, regardless of where users are, through the essential elements of your SASE architecture. With ThousandEyes, organisations can gain back visibility and control over SaaS applications and ensure that they are performing optimally.
Table 1 – How Cisco technology addresses the challenges of securing and managing Networking and Security across multi-cloud environments,

Summary

Cloud is the new data center, Internet is the new network, and cloud offerings dominate applications. By gaining a view of global Internet health and the performance of top SaaS applications, IT teams can proactively detect and remediate major unexpected network or application issues affecting them as soon as they happen.

Based on the report, Cisco say that organisations can mitigate against many of the challenges discussed by adopting a cloud-centric operating model that brings cloud operating model principles to the network and across their entire cloud/network IT stack. This can enable more integrated workflows and better collaboration between network, security, and cloud operations.

Bing Chat Enterprise is now available “free” to businesses

Microsoft have unveiled another way for employers to empower their workforce with the announcement and preview availability of Bing Chat Enterprise by giving them better answers, greater efficiency, and new ways to be creative. Microsoft say it’s “Secure AI-powered chat for work.”

Bing Chat Enterprise | Microsoft

Secured with Microsoft Entra – Conditional Access

Bing Chat brings the power of generative AI to work, however, consumer Generative AI services like ChatGPT and Bing Chat (consumer), are helping people get answers, generate code, content and find things, but using these consumer servers for work, inadvertently puts corporate data at risk since it’s being shared with public AI services which use your data and your searches to train and teach their language models.

This is where Bing Chat Enterprise comes in! With Bing Chat Enterprise, organisations gets all the goodness of “AI-powered chat for work” with the commercial data protection organisations demand. “What goes in—and comes out—remains protected”, Microsoft say, which means employees get secure and managed access to better answers, greater efficiency, and new ways to be creative. User and business data is protected and will not leak outside the organisation, and chat data is not saved, viewed or accessible by Microsoft or used to train their language models.

What’s more, access to Microsoft Bing Chat Enterprise is secured and governed for seamless, managed access to using Microsoft Entra ID (Azure Active Directory) and organisations can also customise “Microsoft Search” to build out and map business answers within the Microsoft 365 Admin Centre.

How do you enable Bing Chat Enterprise?

To enable this, you need to ensure that Microsoft Search has not been disabled in your tenant and then go to https://aka.ms/TurnOnBCE as a Tenant Admin in Microsoft 365 and then enable the Bing Enterprise Chat feature as shown below ⬇️. The settings can take up to 4 hours to apply….

Enabling BCE in Microsoft 365 Admin Centre

How does Bing Chat Enterprise Work?

Video (C) Microsoft.

Privacy and Data Protection

Because workplace chats might contain sensitive data, Bing Chat Enterprise is designed with commercial data protection in place to keep organisational data safe.

Chat: When users ask questions in chat, it’s called a prompt. Those prompts can send generated searches (also known as queries) to Bing, and the resulting answer is called a response. User and business data is protected and won’t leak outside the organization. What goes in—and comes out—remains protected. Chat data isn’t saved, and Microsoft has no eyes-on access to it—no one sees it. And your data isn’t used to train the underlying models.

Search: Any searches generated by Bing Chat have workplace identities removed before they’re sent to Bing. The searches aren’t linked to users or business by Bing and any searches sent to Bing are under the terms of the Microsoft Services Agreement and covered by the privacy statement.

Organisational data: Bing Chat Enterprise doesn’t have access to organisational resources or content within Microsoft 365, such as Word documents or PowerPoint presentations. Only content provided in the chat by users is accessible to Bing Chat Enterprise.

Plugins: Importantly, Bing Chat Enterprise doesn’t have plugin support to prevent any commercial data from being sent to any external providers.

Chat history: Bing Chat Enterprise doesn’t retain chat prompts or responses. With Bing Chat history disabled for Bing Chat Enterprise users, no previous chats are maintained or available to users.

Azure Active Directory is now “Entra ID”

Today, Microsoft have announced the next milestone in their expanded vision for the unified secure access with some huge changes to their unified access and security offering Entra which has now become the brand name for all things identity and access management. Along with that is a name change to Azure Active Directory to Entra ID.

Is Azure AD discontinued?

No… This is a name change that is a result of the shift to a truly end to end multi cloud identity and access solution that spans beyond simply Microsoft 365 and Azure. The name change is designed to reflect it’s new and enhanced capabilities.

In the last 12 months, we saw an average of more than 4,000 password attacks per second, an almost threefold increase from the 1,287 attacks per second we saw the previous year.

Microsoft Security Intelligence Report

With this they have announced they are expanding their Microsoft Entra suite into the Security Service Edge (SSE) category with the launch of two new products.

Microsoft Security Service Edge
  • Microsoft Entra Internet Access and
  • Microsoft Entra Private Access.

Microsoft Entra Internet Access is an identity-centric Secure Web Gateway that protects access to internet, software as a service (SaaS), and Microsoft 365 apps and resources. It extends Conditional Access policies with network conditions to protect against malicious internet traffic and other threats from the open internet.

Microsoft Entra Private Access is an identity centric Zero Trust Network Access that secures access to private apps and resources. Designed to reduce operational complexity and cost by replacing legacy VPNs with simple yet granular security to ensure that any user can quickly and seamlessly connect to private apps across hybrid and multi cloud environments, private networks, and data centers from any device, from any location and from any network.

The goal and vision of Microsoft here is to help organisations secure access to any app or resource, from anywhere. Microsoft say in their security blog that the flexible work arrangements we have become accustomed too, along with continued increase cloud adoption continue to put strain on traditional and legacy corporate networks and network security approaches. Using VPNs to backhaul traffic to the legacy network security stack weakens security posture and damages the user experience while using siloed solutions and access policies leaves security gaps.

Both are now in preview….

The renaming of Azure Active Directory (Azure AD) to Microsoft Entra ID was also announced which Microsoft say has been done as Microsoft to simplify the product naming conventions and to unify their expanded product family. The change was made as Azure AD now supports multi-cloud meaning the name Azure AD no longer represented the breadth of its offerings.

Azure AD is now Entra ID

Personally not a fan of the name change even though their reasoning makes sense… Everyone knows what Azure AD is (or maybe that’s the problem… they think they do!)… Even Microsoft Teams wasn’t sure about it.!

😂

Microsoft say that that the currently capabilities and licensing plans, sign-in URLs, and APIs will remain unchanged, and all existing deployments, configurations, and integrations will continue to work as before.


You can read more about these recent changes and announcements here.

What is Microsoft fabric?

Today, fueled by the growth and demand of AI, data plays a crucial role in digital transformation and gaining a competitive Edge. Microsoft say that today’s data lakes can be fragmented, messy and complicated, making it hard for organisations to create, integrate, manage, and operate data lakes.

Microsoft, having recognised this, announced at Microsoft Build 2023, Microsoft Fabric, which provides an end-to-end platform that can bring together all the necessary data and analytics tools for an organisation. Fabric integrates Azure Data Factory, Azure Synapse Analytics, and Power BI into a single, seamless product, empowering data, and business professionals to unlock the full potential of their data.

Microsoft Fabric is in public preview.

What is the use of Microsoft Fabric?

Microsoft Fabric is made up of multiple subsystems, is “lake-centric”, open and extensible and is backed by a shared platform providing world class, enterprise grade, robust data security, governance, and compliance.

Microsoft Fabric – Image (c) Microsoft

Microsoft Fabric is essentially umbrella that sits over the top of Microsoft’s three main Data Analytics products – Power BI, Azure Data Factory, and Azure Synapse. It is a third generation of data platform.

First generation data platforms, such as SQL, SQL Data Warehouse and HDInsight, were inherently isolated data platforms built on traditional data products. Second generation data platforms such as Azure Synapse Analytics, went further by providing integrated platforms at a UX level were still disjointed at the data level. This third generation of data platforms like Microsoft Fabric, builds upon the Synapse “unification” approach but are focussed on enabling data-level interoperability and insights powered by Azure AI.

What are the benefits of using Microsoft Fabric?

The benefits of using Microsoft Fabric include reduced complexity, increased agility, improved security, and reduced costs through unified capacities. Powered by Microsoft AI, and natively integrated into Microsoft 365 applications such as Excel, PowerBI, Teams, and Dynamics 365. Fabric also supports thousands of connectors and deep APIs to allow organisations to better to connect almost any application, workflow, or data source.

Fabric announcement at Build 2023

Fabric has been designed to empower every business user by deeply integrating with Microsoft 365 applications and provides a rich set of connectors and APIs. Power BI, a core component of Fabric, is seamlessly integrated with popular applications like Excel, Teams, PowerPoint, and SharePoint and as such this deep integration allows users to discover and analyse data directly within these applications, driving a data culture and enabling better decision-making without the needs to switch applications or context.

How does it compare?

Fabric is a complete analytics platform that should eliminate the complexity and expense of integrating and administering multiple subsystems from different vendors. This means users get a truly unified experience and architecture, providing all the capabilities required for extracting insights from data and presenting them to business users. Moreover, Fabric offers role-specific experiences for various teams involved in the analytics process, ensuring a seamless workflow for data engineers, data scientists, analysts, and business users.

Fabric’s lake-centric and open approach is another key differentiator. Fabric includes a multi-cloud data lake called OneLake, which simplifies data management, integration, and operation. OneLake aims to eliminate data duplication and vendor lock-in by organising data into an intuitive hub. OneLake supports open data formats such as Delta and Parquet and allows organisations to work with a single copy of the data across all their Fabric workloads. This reduces cost, vendor lock in, complexity, and management overhead.

OneLake is the core of Fabric – a single storage account for an organisations multi-cloud data, whether that is inside of Azure, AWS or in a private DC. It is a single, logical “data lake” containing all an organisations’ Fabric workloads

Fabric is powered by AI, through Azure OpenAI Service, which is integrated at every layer, it will enable users to leverage the latest generative AI capabilities to quickly find insights across all their data. The upcoming Copilot feature will provide conversational dialogue that will let users quickly create dataflows, build models, and visualise the results using natural language queries and dialogue.

Availability and Pricing

Microsoft Fabric is currently available in preview, and organisations can sign up for a free trial to experience its capability.

Whilst this is in preview, pricing is not final, however, Microsoft say that to share content and collaborate in Microsoft Fabric, your organisation needs to have an organisational license and at least one individual license. A Microsoft Fabric subscription consists of tenants, capacities, and workspaces and can be organised in different ways to fit the needs of your organisational needs.

In short, an organisation needs capacity licenses and individual user licenses. The following information from Microsoft on Fabric Licensing which you can read more here.

Capacity is a dedicated set of resources reserved for exclusive use. It offers dependable, consistent performance for your content. Each capacity offers a selection of SKUs, and each SKU provides different resource tiers for memory and computing power

Individual licenses allow users to work in Microsoft Fabric.

  • Free – which allow users to create and share Fabric content in Microsoft Fabric so long as they have access to a Fabric Capacity (trial or paid).
  • Pro – A Pro license lets users share Power BI content with other users. Every organisation needs at least one Pro license if they intend to work with Power BI. If you’re purchasing a Microsoft Fabric license for your organisation, ensure you purchase at least one Pro license for your organisation.

When is Microsoft Fabric available?

Microsoft Fabric is currently in public preview and is generally available. In November 2023.


Summary

In summary, Microsoft Fabric is comprehensive and integrated solution for data and analytics designed to maximise the AI era. Fabrics’ unified platform, lake-centric approach (OneLake), AI-powered features (including its own Copilot), seamless integration with Microsoft 365, and cost-saving benefits. Fabric aims to simplify, align, and streamline how organisations leverage the power of their data for insights and decision-making. This is public preview today and will be generally available from November.

Evaluating the user experience and cases for Windows 365

Windows 365 is “Windows as a Service – a cloud-based service that automatically creates a new type of Windows virtual machine (Cloud PCs) for users. Each Cloud PC is assigned to an individual user and is their dedicated Windows device. Windows 365 provides the productivity, security, and collaboration benefits of Windows and Microsoft 365.”

Windows 365 is “similar” to a dedicated virtual desktop assignment in an Azure Virtual Desktop (AVD) environment, but is delivered as a SaaS service, providing a dedicated Cloud PC that users can remotely sign in to. It is also significantly simpler to set-up and manage that VDI infrastructure and offers a simpler commercial model.

You may ask yourself, “Why would I want to stream a computer to….well another computer?” Well – there is more to that – let’s look at Microsoft Marketing!

Fruit of the Loom – because one-size doesn’t fit all.

Just like your Microsoft 365 subscriptions, Windows 365 is available in both Business and Enterprise Versions.

  • Windows 365 Enterprise is designed for organisations who have already invested in Microsoft’s Endpoint Manager and using Endpoint Manager to deploy and manage their Windows 10/11 devices. This means that if you want to start using Windows 365 Enterprise you will also need a license that includes Intune.
  • Windows 365 Business is aimed at any size organisation with less than 300 users that need a Cloud PC. This is the same service – but a little more no-frills. Windows 365 Business does not support joining to a custom (Azure) Vnet, and also does not allow users to connect to on-premises resources (yet) – it is for Cloud Native users.

What is best for your organisation is based on a couple of things. If you want to have a quick lightly managed device for your end users or are just running a pilot – Windows 365 Business is a good place to start (it’s cheaper too). If you want to have more control, access on-prem resources and manage the Cloud PCs in the same way you manage your physical desktops then Windows 365 Enterprise is best. To see a full comparison, check out the docs from Microsoft.

Pricing

Windows 365 is available through three plans. Each plan is available as Windows 365 Enterprise or Windows 365 Business edition and each plan is of course priced differently ranging from £23.90 (RRP) for Business Basic all the way up to £56.20 for Enterprise Premium which has 16GB RAM/4 CPUs and 128GB Storage – you can also customise your own spec if you like!

  • Basic: For running light productivity tools, frontline tools and browser-based apps
  • Standard: For most users that need full range of productivity tools & line-of-business apps.
  • Premium: For users that need high-performance compute and heavier data processing.

I’ve been running on a mid-range Windows 365 Enterprise Cloud PC with 8GB RAM and 128GB Storage which was ample for all my day-to-day use

The User Experience – Test Flight

Windows 365 is available on a browser or dedicated app on Windows 10 and Windows 11 (and soon for iOS and Android). Regardless of how you access it, the user experience is an instant (well actually always on if you prefer), high-performance and reliable personal desktop experience (that’s also optimised for Microsoft Teams and your other Microsoft 365 apps) regardless of the apps you use. Once running fall screen, you totally forget is a Cloud PC – even things like touch and pen work if your physical device has those properties.

Windows 365 User Experience

Who’s is Windows 365 for?

Windows 365 isn’t designed for the consumer market. Instead, it’s for companies and enterprises that need to deploy a network over a large area. It’s also designed to allow businesses to utilize computing power as they see fit.

The question – will the Cloud PC “era” revolutionise business computing, after VDI has (and is in some areas) still heavily used from a security, agility, and remote purpose.

One view is that organisations will be able to offer more choice, support BYOD and no longer need to money spend on high-end physical compute devices, deal with logistics, repairs, maintenance, and lifecycle management. All employee’s need is an existing device / browser and a reliable internet connection access their Windows 365 Cloud PC. Since this is a subscription service (like other SaaS apps), they can avoid capital expenditure on laptops and desktops that may not get used 100 percent of the time, allowing them to be more efficient with the use of their resources.

On the other side, many organisations have been investing in modern mobile computing like the Surface Pro 9 5G for hybrid work with local apps that access cloud services like Microsoft Teams and Office 365 etc.

Common Scenarios? There are many scenarios in which neither model is best and as such we typically seem a blended approach (some with physical devices some with Cloud PCs or even both!!). Some may compliment their laptop and local app deployment model with technology like Cloud PC for accessing certain apps, apps that require additional security such as finance apps or development platforms. There will also be scenarios in which a Cloud PC only environment works. Let’s explore some of these below.

  • Long term remote or contract workers that may not need a corporate device because they choose to use their own or because providing them with one is cumbersome and logistically difficult. For example, you may have a new contractor working with you full time for a period of weeks or months. Windows 365 Cloud PCs can be be used to create a dedicated, cloud-based environment for contractors with access to a specific set of applications, access to specific parts of your network and have specific conditional access policies. With Cloud PC, IT can quickly enable this securely on their personal device, with whatever restrictions you choose, completely isolated from their personal desktop.
  • Remote Work / work from anywhere – For example, you might be working from home or the office on your laptop and leave to go home, into the office or just to grab a coffee at the local cafe. Instead of lugging your laptop along, you could simply take your tablet/iPad and access your Cloud PC where you left off. This is also a great use case when on holiday and you need to access your desktop.
  • For specialist apps or secure environment – You may have roles within the business such as finance, surveyors, 3D modellers, programmers etc, who work on petabytes of data on a dedicated high-end workstation. For these people working remotely may not be an option or accessing seamless is a security nightmare. With Windows 365, these employees could have access to the same PC power as their office workstation on a secure environment on their own home PC or tablet.
  • To get super-fast internet access if you have isolated remote workers. Another advantage of Windows 365 is superfast internet. How? Well, since your Cloud PC runs from the Microsoft Cloud, you are essentially streaming just the screen – all your local apps, file and processing are done in the Cloud, so when you download large data from Office 365 or any other source, it’s actually being downloaded to and from Microsoft’s data centres, which means super-fast internet. Microsoft demo’d a speed test which showed download speeds of up to 10 GBPS and upload speeds of up to 4 GBPS. In my tests I received the following.
  • New employees and for improving the break-fix experience – For employees that develop a fault with their corporate laptop or for new employees that don’t yet have a laptop, Windows 365 can be a great fit. Instead of getting them to use their own device as a BYOD device mode (which is not secure, breaches company security policy, could increase risk of breach, malware infestation etc), while they wait for a device or repair, use Windows 365 to quickly provision them a corporate Cloud PC which they can access from any device and that looks and feels exactly like the experience they are used to. This minimises impact to the user, keeps them productive, reducing urgency in repair or device procurement and can make for a super slick process for all involved.

Windows 365 from an Admin Experience

Now then, I am not an IT administrator anymore (I was once), but from the experience I have had setting up demo and test environments, it is so simple. Reason being, there is no setting up and maintaining complex VDI network and software infrastructure or different tools to use for management, since everything is managed through Intune – which you probably already use!

Using Intune, IT can manage both physical and virtual devices in one place making it simple to deploy software, add new Cloud PCs, upgrade Cloud PCs and of course, reset them, delete them and re-provisioning them. IT can also easily see how much computing power each Cloud PC or user is using and because they run in Azure (which is Carbon Neutral), you can technically deploy an entire fleet of Cloud PCs with zero CO2 overhead! Onboarding users is simple too, as you can simply make a user part of the right group (ensuring they also have a license) and a new Cloud PC is automatically provisioned which takes less than an hour. If you have autopilot enabled, then just like a physical device, the apps, configuration, settings etc are all applied as part of the build!

Since device specification is controlled by a license – should a user needs a more powerful device, IT can simply assign a different license – no waiting on a complex configuration change or buying a new physical PC (also good for the environment). The opposite also applies as a Cloud PC can be changed to a lower power device – saving compute power and licensing costs! Network performance monitoring is also built inside Windows 365 and because every Cloud PC runs from Microsoft’s Cloud they get laser-fast and direct connect connectivity to your Microsoft 365 app and Azure and being a Microsoft Cloud Service – Microsoft continuously monitor and run diagnostics on your Windows 365 environment – meaning if they detect an issue (either with your config or theirs), IT get notified!

Quick Intune Tour of Windows 365

Security First

One of the big appeals of Windows 365 is for remote work, temporary staff, new joiners, contractors, and students. Since the Cloud PC is…well in the cloud, it’s inherently more secure – protected by the same enterprise class security, identity, and compliance solutions from Microsoft that most admins will already use. Since Cloud PC is accessed via a secure browser or the Windows 365 app, it is isolated and insulated from most threats, and since is not directly installed on your device, it’s inherently more secure and can be configured to have no local access removing the risk from malware or ransomware from the underlying physical device.

Cloud PC also supports Azure AD Single Sign (and even password-less sign-on) on which gives a frictionless user experience without the need to use separate passwords – reducing the risk of credential theft in your environment which is especially useful when used with personal devices.

“By leveraging Windows 365 we can quickly and easily provide contactors with Windows 11 desktops which they can access on their own laptops meaning they are protected by our security and compliance policies. These Cloud PCs are instantly available from any device and any location, with little to no risk from the physical device they use to connect from”.

A customer quote!

Windows 365 vs Azure Virtual Desktop

How is Windows 365 different to Azure Virtual Desktop then?

Where Windows 365 Cloud PC is a dedicated desktop, managed by Microsoft as a SaaS app, Azure Virtual Desktop (AVD) is a Platform as a Service (PaaS) service which runs in Azure. With AVD, organisations have more full granular control over the environment build, and can configure a fully tailored, customised desktop and application virtualisation experience using either pooled or dedicated (one to one) desktops. Windows 365 is dedicated desktop and does not support multi session like AVD does. Billing of AVD is based on Azure usage whereas, Windows 365 is a single subscription per user and billed on a flat per user, per month fee (based on the spec of the machine).

Both Windows 365 and AVD make use of some overlapping technology, so they may seem similar but there are major differences.

How to Get Started with Windows 365

  1. Procure some licenses from your partner or Microsoft direct
  2. Configure Windows 365 from Intune
  3. Configure the on-premises network connection
  4. Create Security Group for Cloud PC users
  5. Assign a Cloud PC license to your users (or at group level)
  6. Create a Provisioning Policy
  7. Configure Hybrid Azure AD Join or Native Azure AD Join
  8. Create or assign a custom or stock image
  9. Enable and configure updates for Windows 365 (you can even use Autopatch)
  10. Assign users to the group created in step 5
  11. get the user to download the Windows 365 App or connect via a browser at

There’s a full guide on Microsoft Learn or speak to your partner to help you set up a PoC via FastTrack or as a paid PoC.

Cisco Thousand Eyes: End-to-End visibility into Cloud App performance.

Hybrid Work and the growth of SaaS makes troubleshooting end user experience so much harder.

ThousandEyes by Cisco is a digital end user experience monitoring solution that helps ensure your business SaaS apps are running at optimum performance wherever your employees or customers are.

ThousandEyes proactively monitors, alerts, and provides visual “route cause analysis” within minutes of a User Experience issue, regardless of if whether the issue is the LAN, WAN, Internet, “XaaS”, ISP, Collaboration Service (such as Teams, Webex or Zoom), or Cloud Provider. It can even determine whether the issue is caused by any third-party dependency such as Content Delivery network, Application, Connector, Secure Web Gateway, Identity Provider, or firewall.

What is ThousandEyes?

ThousandEyes enables organisations to rapidly increase the responsiveness of support teams and managed service providers by providing end-to-end visibility and performance monitoring across the ever-changing and distributed IT landscape wherever your applications, data, infrastructure, user, and devices are located by.
This helps organisations to:

  • Better support their hybrid workforce with near-real-time visibility of the employee’s experience.
  • Quickly identify and solve app experience issues by continually monitoring employee interactions with web and SaaS-based applications.
  • Gain end-to-end visibility from the user, across the network, WAN, and the Internet as well as to their cloud service providers and SaaS applications.

Cisco Thousand Eyes provides and end-to-end End user Experience Monitoring to help ensure that your employees / customers experience of your service or applications is “as expected” and helps proactively detect when there are issues which might impact this performance before users start complaining.

End to end visibility with Cisco ThousandEyes

Thousand Eyes provides end to end visibility and intelligence”. Its aim is to help IT provide the best possible employee and customer experience, whatever the application or service by comprehensively measuring and monitoring network performance end-to-end. This means that IT get complete visibility across the internet or WAN, edge, network, application, routing, and device layers to see exactly how and where the Internet and WAN connectivity is impacting employee or customer user experience.

Paying customers of ThousandEyes – and one of its’ killer features, is its’ ability to perform performance “snapshots” which provide clear-cut information – either on demand, or on a schedule. These can be shared with people outside your organisation and is pivotal to proving where the fault lies, therefore helping to help SaaS vendors troubleshoot their own infrastructure and it won’t be a surprise that many of the worlds’ largest SaaS providers are also Cisco Thousand Eye customers!

It does this by using “active monitoring” that utilises a software agent that simulates user activity and checks availability from multiple locations. Cisco leverage Thousand Eyes agents across much of their network equipment including wireless access points and switches (such as the Cisco Catalyst 9k), Cisco SDWAN solutions and SASE services, and is even incorporated into their Webex Meetings platform. There are also agents for desktop devices that can be deployed and what’s more you don’t need a Cisco network to use it. Thousand Eyes is proven to work well with leading SaaS and collaboration platforms such as Slack, Webex and Microsoft Teams.

Cisco Thousand Eyes – Image (c) Cisco.

The Synthetic testing constantly simulates user interaction with SaaS and Web applications, represented by a series of page loads interspersed with interactions like typing in fields and clicking buttons, making the synthetic test “feel” like a user to the actual applications under test. These tests are invaluable to application and network operations staff, since it helps IT and App Support better understand actual user experiences rather than playing the best guess or deflect game. These are presented back as “experience scores” which can be reported on, alert and track trends over time, providing an early warning before issues arise.

What problem does ThousandEyes fix?

In short, when an employee or a customer has a bad digital experience, they don’t care where the problem is, or what has caused it – they simply want to know what is wrong and when it might be resolved.

Marketing slide from Cisco ThousandEyes

The need and therefore market for this kind of tool is increasing, as the global pandemic dramatically accelerated the shift to the cloud and SaaS apps, and with the hybrid work, now just the way we work, we need a better way of monitoring and managing the end-to-end employee experience in an environment that no longer directly in control of IT!

As the world settles into what is now a hybrid work world dominated by the continual adoption of SaaS apps and work from anywhere mindset, visibility into how applications are performing for your employees and customers across the internet and various cloud services is critical to business continuity, employee, and customer experience.

Hybrid Work and the growth of SaaS
makes troubleshooting end user experience so much harder.

Today, we, many organisations are still reliant on “self-diagnosis” (or no diagnosis), which leads to conversations like “it’s the network” or “my broadband is slow” or “XXX application is running slow”. This might have been ok during the peak of the pandemic when everyone was sent home to work and was “making the best out of temporary situation”, but three years on this from this, diagnosing and troubleshooting performance related issues is still too commonplace. Now, more than ever, the ability to monitor the end-to-end performance of your business apps, dictates the experience of your customers and employees and the excuses of before are no longer tolerated.

When an employee or a customer has a bad digital experience, they don’t care where the problem is or what has caused itthey simply want it fixed quickly.

Many of these issues are not new, but the shift to cloud and our new distributed hybrid workforce, means that it is becoming increasingly more difficult to understand and support the right “experience” using traditional legacy application performance management tools. What’s more the lack of visibility can often means employees and customers can be having a poor experience without IT or support evening knowing about it until someone complains!

Who needs ThousandEyes?

  1. Do you have employee experience issues due to lack of Internet, WAN or SaaS visibility?
  2. How do you know your Content Delivery Provider is serving your content quickly and consistently whether users at home or in the office?
  3. Do you have inhouse web apps and need a better way of understanding how they perform? when your users work remotely or from disparate offices?
  4. Does your IT help desk struggle to add value and provide answers to users experience issue with SaaS applications?
  5. Is the lack of visibility and ability to monitor cloud apps, impacting employee productivity and/or customer experience?

If the answer to the above is mainly “yes”, then it’s worth looking at investing your time in a proof of concept to see how Thousand Eyes could help.

Why Cisco?

Personally, I think ThousandEyes is a great fit for any organisation with a cloud-first approach that has offices globally and leverages a high degree of hybrid workers (that’s most of us right!)! Whilst it’s not limited to those with only Cisco networks, the economics work well for organisations that already leverage Cisco networking, due to native integration across most of Cisco’s core product offerings including their Cisco Catalyst networking, SASE, SDWAN and their Collaboration suite (Webex).

This makes integration and deployment slick and negates the need to deploy additional agents, since Cisco include the ThousandEyes agent across many of their devices. Customers that buy into Cisco Enterprise Agreements also get a more competitive price point for ThousandEyes and from a support perspective it’s an integrated suite which means less finger pointing.

Speak to a Cisco partner for help

Speak to your favourite Cisco Gold Partner (I’m happy to help you need one) and they will be able to help demonstrate, deploy, configure, and support ThousandEyes for your organisation.

You will find your trusted Cisco partner can help in many ways including:

  • Demos, PoCs or specific product/application performance assistance
  • Cisco funded free trials
  • Help with business case development following a successful PoV
  • Scoping, deployment and tuning to ensure you can monitor all your in-house web and public SaaS hosted applications, connecting into your underlying Wireless LAN, WAN, MPLS, Internet connectivity and WFH remote locations to provide end-to-end visibility and end user performance monitoring.
  • Consultancy and support to ensure key departments, locations, users, and application estate is under cover.
  • Access to the best pricing through your Cisco Gold Partner.

See it action and find out more

Cisco provide free to access to this awesome “live outages site” where you can look at the live state of the world’s most popular commercial and consumer cloud services and see just how comprehensive and simple it is to use.

https://thousandeyes.com/outages
Cisco ThousandEyes Outages Site

ISE 2023 — Is Teams on Cisco Rooms just the beginning?

With ISE 23 kicking off this week in Barcelona, the UC world will no doubt be excited to see the developments, fruition and live demos of Cisco tech running Microsoft Teams.

This is significant for several reasons. Of course, Microsoft can run Webex, Zoom, RingCentral, and others from within Teams and many of the Teams hardware from Yealink, Poly, Logi etc can also run both Zoom and Teams on the same hard hardware, but this requires a reboot of the hardware causing a less than slick experience.

Is Cisco Rooms on Teams the beginning of a bigger plan?

What Cisco and Microsoft have done differently is that with this partnership, Cisco devices will not only run Webex or Teams, but the Cisco Meeting room kit will be able to do this seemlessly without a reboot

Cisco Room Kit running Microsoft Team

It will be interesting to see if any other Annoucements this week suggest that other Teams & Zoom meeting room kit will be lookimg to do the same!

Why is this significant?

The big questions is why would Microsoft find value in this after all Microsoft now has close to 300 million monthly active users and is the clear leader in is this space which it continues to innovate with new services and revenue streams expected from the recent launch of Teams Room Pro and Teams Premium.

According to analysts, Cisco and Microsoft share close to 90 percent of the same customers. Not necessarily in the collaboration space but across the board. Where that is Cisco’s networking business or Call Manager or Webex, Security or indeed their Contact Contact centre (which is soon to be certified for Teams.)

Most organisations like the idea of a smaller number of vendors to work with and if they can standardise on Cisco and Microsoft for their meeting room technology (since Microsoft don’t make the hardware for their Teams Rooms), this could be a big advantage.

For Cisco, this also means that they don’t loose the hardware and maintainance on their room systems should their Webex customer base decide to move partly or in full to Microsoft Teams.

For Microsoft, I think this also means bringing Cisco in as more of an advocacy – protecting both their install bases from their joint competition in this collaboration and voice space – Zoom, Google and RingCentral…vendors both Cisco and Microsoft do not want to see penetrate or weave into their account base.

Is this really about CPaaS?

Cisco is betting heavily on the success of its redefined Contact Centre solution Webex Contact Centre which could become a real significant player in the CCaaS space for Teams users and not just Webex customers.

Since the partnership was announced at Ignite, just before Xmas, much of Cisco messaging has been around  adding value to Teams rather than replacing it (though Cisco hope of course customers will still invest in Webex). The focus of much of the marketing is around making the user experience on Teams better by using Cisco technology.

Elevate your Microsoft Teams Rooms experience with Cisco devices”.

Here’s where CPaaS comes in. This partnership with Microsoft is also a great opportunity for Cisco to leverage its broader UC portfolio to add their Webex Contact Center natively into Team, attacking the plethora and crowded market of Teams certified contact centres such as Luware, Anywhere 365 and Enghouse.

Organisations with Teams, looking to replace their contact centre solutions are continually looking at Teams Certified solutions.

The Cisco Webex Contact Centre is already a  highly-regarded CCaaS solution, soon to be certified by Microsoft for Teams (maybe as soon as this week?).

Cisco Webex CC on Garner Magic Quadrant 2022

Cisco and Microsoft – Better together?

Only time will tell.. If the plan plays off Cisco should certainly be able to capitalise on market growth and their reputation and proven success in the CCaaS space. If they can secure Webex as the CPaaS of choice for Teams, this could significantly reverse the declining marketshare that Cisco has been suffering of late.

This will also help Microsoft block their other completion and prevent players like Zoom getting into their accounts. Together Cisco and Microsoft should be able to protect their join customer base making it harder for other UC vendors to eat their share.

Who might loose out to this partnership?

The Teams Room space is already well served by flexible, innovate solutions from the likes of Yealink, Poly, Neat and Logitech etc. For Teams organizations already invested in these brands, I see them sticking, but customers moving from Cisco to Teams now have the ability to reduce cost, maintain ‘brand’ and leverage thier investment and partnership with Cisco with less disruption, upheaval and change.

The CPaaS providers that develop Teams certified contact centres may be most worried by this partnership, since Cisco will now able to compete in their space which, whilst already crowded, lacks many true enterprise grade solutions like Cisco have.

Windows 365 now supports Azure AD SSO

Windows 365 now supports (Dec 2022) the creating of Azure AD Cloud PCs that use single sign-on. Previously this required a dual-sign in step.

This is a big improvement, and now means users only have to logon once to the Windows 365 Cloud PC app – from here on in, their CloudPC desktops will seamlessly sign-in (subject to any specific conditional access polices you may have applied of course.) It even works with passwordless sign-on . You can see the user experience below.

Windows 365 Cloud PC SSO Demo

Enabling the SSO setting

To enable SSO, administrators can update their existing Cloud PC provisioning profiles or create new Cloud PC policy with the “single sign on” setting enabled.

Enabling SSO for Windows 365 Cloud PC

Note: Existing Cloud PCs will not automatically support SSO – these will need to be re-provisioned, which can be done from the device pane in endpoint manager as show below.

Reprovision a Windows 365 Cloud PC

Read more from Microsoft

What’s new in Windows 365 Enterprise | Microsoft Learn

Why Cisco’s new Solution Specialisations are great for Cisco, their partners, and their customers

As tech vendors continue to modernise and revamp their partner programmes to better align with the pace of technology, changing needs of their customers, demands around hybrid work and the continual digital transformation acceleration, Cisco have recently added six new solution specialisations which aim to further build and support their partner competitiveness as well as recognise and reward partners with specific expertise and capability.

Image (c) Cisco

The six new specialisations are tied to Cisco customer priorities and represent fast-growing market opportunities for Cisco and its partners in areas where Cisco has been investing and innovating. These are heavily focussed around Hybrid Cloud and Hybrid Work and the solutions that enable these.

Cisco’s Solution Specialisations

The new solution specialisations are one of the four categories of partner specialisations available to qualified Cisco partners, like Cisilion to demonstrate their expertise to customers, including:

  • Architecture specialisations: demonstrate product expertise in specific technology areas.
  • Solution specialisations: demonstrate that a partner excels at delivering value with Cisco solutions, including cross-architectural offers prioritized by customers.
  • Cisco Powered Service specialisations: convey partner proficiency in delivering managed services and as-a-service offers.
  • Business specialisations: focused on horizontal business practices that are essential to supporting customers’ business goals.

Partners that achieve solution specialisations are recognised and rewarded based on the value delivered to customers. The requirements for each specialisation are tied to knowledge and experience, allowing partners to capitalize on their existing investments with Cisco.

The relevance of the new Solution Specialisations

Cisco say their solution specialisations are designed to “showcase partner value to customers and represent the type of solutions partners are selling today“. These specialisations (which are not simple to earn and retain), reflect how Cisco partners, like Cisilion, are using cross-architectural solutions to solve their customers’ biggest challenges (such as how to address the challenges or hybrid work) rather than just simply selling and deploying technology products. Cisco say that “the specialisations are awarded to partners that can demonstrate how they are working collaboratively with Cisco to help solve customer challenges such as balancing an organisation’s security needs with the flexibility employees want, providing the best digital experience or consistently delivering a secure user experience from anywhere.

Specialisation is ranked number one as the initial critical partner selection criterion for 74 percent of customers. By tying solution specialisations to customer buying criteria, Cisco makes it easier for customers to identify which partners to work with.

Techaisle Take: Cisco Partner Program

The six new solution specialisations

  • Full-stack Observability (FSO): Which highlights partners expertise in centralising and correlating application performance analytics across the full IT stack. This includes integrations across Cisco’s AppDynamics, Thousand Eyes, Intersight, and Secure Application. Partners with this specialisation can demonstrates expertise in prioritising actions to deliver superior customer experiences, drive revenue streams, and accelerate digital transformation for their customers.
  • Hybrid Work from Office: Which recognises partners for their skills and experience helping customers evolve traditional on-site and off-site work models, with solutions that power hybrid work, enabling people to work safely and securely from home, the office, and anywhere in between on any given day or time.
  • Secure Access Service Edge (SASE): Which highlights partners’ ability to help their customers to securely enable the growing universe of roaming users, devices, and software-as-a-service (SaaS) apps without adding complexity or reducing end-user performance.
  • Hybrid Cloud Computing: Showcases partners that provide customers with simple, secure hybrid cloud computing experiences at home, in the office, or anywhere.
  • Hybrid Cloud Networking: Recognises partners that securely and efficiently connect and manage customers’ data, workloads, and applications across data centres, edge, and multiple clouds.
  • Hybrid Cloud Software: Demonstrates expertise in managing operational complexity by helping customers streamline and unify IT operations with secure, hybrid cloud management software.

Benefits for Customers and Partners

The main benefit is that this approach takes away from an old-skool technology/product sell that was all about speeds, feeds, features, and cost, and instead encourages partners to have more meaningful “outcome-based conversation“. Cisco say this should help partners do what they do best – having a more “unified solution strategy” conversation with customers where technologies integrate and work together to provide solutions that are better than the sum of the parts.

Examples of this include the alignment between Cisco’s Webex video, calling and meeting services, the network infrastructure layer, the edge, and the Internet with integrated full stack visibility across these layers to ensure the best user experience whilst simplifying IT operations through management and support.

Should every organisation be considering Windows 365?

Windows 365 has just celebrated its first birthday – but what is it and why is Microsoft betting big on Windows 365 to help improve the employee experience, tighten security, and provide better agility for employees?

Businesses globally are once again being hit head on with challenges unrivalled in recent business history. Employee churn-rates are at record levels presenting unique business challenges, whilst the continuing shift in the workforce from centralised offices to home working has increased the number of “work locations” exponentially. Combined with the on-going global supply chain shortages, and logistical difficulties in procuring, preparing, and shipping new devices to employees makes onboarding new employees more challenging than ever. The continuing need to provide employees with a secure, professional, corporate desktop environment is pressuring IT to make decisions that can impact process, security, governance and above all employee satisfaction.

Microsoft are betting big with Windows 365, since it can help organisations significantly reduce the time it takes to provide new employees with access to their corporate desktop environment from days or weeks to minutes without compromising security. What’s more, unlike traditional on-premises Virtual Desktop Infrastructure (VDI) environments, Windows 365 (which is a new category of cloud computing, known as Cloud PC, simplifies the entire provisioning process and user experience.

In conjunction with the Enterprise Security Group, Microsoft recently carried out a TEI study which found that by leveraging Windows 365 Cloud PC, organisations can significantly lower the cost of providing access to an organisation’s end user computing environment whilst improving security and employee satisfaction. The ESG report also revealed that Windows 365 can provide a “typical organisation” with an overall annual benefit of up $7,271 per user for small businesses and up to $6,765 per user for companies with over 1,000 employees.

What is Windows 365?

In short, Windows 365 unlocks a new category of hybrid personal computing, called “Cloud PC” that delivers Windows from the cloud. It aims to provide a hybrid approach to providing client computing by utilising a cloud service that is not tied to any specific hardware.

Image (c) Microsoft

Windows 365 combines the power and security of Windows 10 or Windows 11 with the scalability and versatility of cloud to provide a personal, reliable, and familiar work/desktop environment on any supported physical device. If want to see it in action, you can head over to Microsoft’s YouTube video here.

Similar in concept, but different to VDI technology, Cloud PCs are one of the newest Microsoft cloud solutions to come to market. Cloud PCs are optimised for business and user agility, are highly secure, persistent to the user and are billed on a per-user, per-month model that simplifies the cost and infrastructure complexity of client computing environments and on-premises VDI solutions.

The report by ESG validated that Windows 365 provides capabilities that address nine of the ten business challenges identified by IT leaders.

Source: ESG Complete Survey Results, End-user Computing Trends, February 2022.

SIMPLE, COST EFFECTIVE, POWERFUL, SECURE – Windows 365 works by giving each user a dedicated Cloud PC (of a chosen specification) that runs their own individual Windows 10 or Windows 11 desktop environment while providing an extremely simple-to-manage ecosystem all managed via Microsoft’s Endpoint Manager toolset which is used to manage the rest of the physical desktop or laptop estate. For users, this means they can bring their existing device and instantly be presented with a familiar and powerful end-user computing experience either while they “wait” for their replacement or physical device or instead of waiting for IT to procure, provision, and image a new corporate device. In turn the ESG report finds that Cloud PC technology provides an effective solution for organisations of any size and sector, which are working to meet the complex needs of a hybrid or remote workforce.

Benefits of Windows 365 Cloud PC

Cost Predictability

The ESG report, concludes that Windows 365 delivers a combination of lowered costs, eliminated costs, and a predictable fixed cost model which can provides significant financial benefit in several areas.

  • Lower costs: Shifting to Windows 365 lowers and eliminates costs in several areas, including VDI licensing, server operating systems, remote desktop licensing, storage, management, power and cooling, license management, VDI management, procurement, and end-of-life costs.
  • Fixed-price model: Windows 365 Cloud PC pricing is based on a simple per-user, per-month model which that allows organisations to match computing and storage needs to individual user requirements. There is value in being able to project costs in business. Most VDI pricing models are based on consumption, which, while this may initially seem like an advantage, most organisation often find that their monthly charges extend far beyond projections when usage spikes unexpectedly.
  • Ability to cross-charge services: Organisations that charge internal or external business groups fees for licenses, hardware, or services will find that the Windows 365 predictable cost model makes it much easier to allocate specific costs in a granular and predictable way, especially when compared to the capital-intensive purchases needed to facilitate on-premises VDI or DaaS.

Business and User Agility

With employee churn-rates are at record levels, continuing delays in supply chains and with more employees, contractors and temporary staff being permanently remote, getting new employees up and running as quickly as possible is a big challenge. Windows 365 allows companies to provide highly secure Cloud PCs running Windows 11 on their device within minutes verses hours, days, or weeks.

  • Time to employee enablement: The time from when a new employee, temporary worker, or contractor is hired to when they are fully onboarded with their corporate device often takes time, leads to the employee getting a second-hand device, or means it delays their onboarding time. Leveraging Cloud PC technology can, however, means that organisations can now provide new starters with a new Windows desktop is under an hour, allowing them to security access their work environment from any supported device that the new worker wishes to use, even if it is only a temporary situation.
  • Enablement of temporary/seasonal workers – The cost in both money and time to empower short-term workers with a company work environment is often high, and either inhibits an organisation’s willingness to employ temporary works or worse, means they are forced to compromise on security due to the time to procure and provision a device. With Windows 365, temporary workers can quickly be provisioned so they have immediate access to the corporate environment while safe in the knowledge that all intellectual property stays secured within the corporate environment, and that the Cloud PC can be immediately removed at the end of the contract period.
  • Efficient IT Management – When compared to the effort required in procuring, preparing, and delivering laptops to users or even configuring and deploying virtual desktops with traditional VDI platforms, deployment of Cloud PC technology like Windows 365 can result in a 46% reduction in IT effort.
  • Ability to use any device – Windows 365 allows IT to provide workers with a highly secure, Windows 11 desktop on any supported device even though the host device may not be capable of natively running the OS. This is also great for “Bring Your Own Device” (BYOD) scenarios for employees who may just be starting or have shifted to working from home or short-term workers such as interns, contractors, and consultants.
  • Increased ability to react quicky to seasonal demand – The ability to get a secure, corporate desktop to users quickly is one of the barriers to rapid enablement. Windows 365 Cloud PCs empower businesses to immediately create and decommission desktops to react to opportunities that might be ignored in other DaaS or VDI environments.
  • Equality with the employees – The mindset of the workforce has changed from “May I have a job?” to an attitude of “What are you willing to do to keep me as an employee?”. Treating all employees as equals and providing them with a premium, professional-grade work environment is two of the key criteria for ensuring employee satisfaction. With Windows 365, employees can access a highly secure, personalized Windows 11 work experience through their Cloud PC, regardless of location or available device.
  • Merger and acquisition (M&A) scenarios – Mergers and acquisition events take months, even years, to align the separate work environments that result in an M&A to the same access and security postures. This limits potential cooperation between the entities and delays the full realization of value for the event. The ability to rapidly assimilate the new entities to the existing EUC solution accelerates the time to value and reduces the cost and risk of running parallel environments. The time to combine these two work environments into one can be significantly reduced by using Windows 365 Cloud PC.

Improved Security Posture

Employees and contractors today are working outside conventional environments and often on hardware that was never intended to be on corporate networks. The result is an increased risk of security breaches and data loss and, in many cases, missed business opportunities. ESG has found that organizations that adopt Windows 365 can help enhance their security posture in the following areas.

  • Inclusive, Secure, yet Flexible remote work – Cloud PCs can enable a hybrid workforce in a highly secure manner, even if those workers sometimes or always do their work on devices that aren’t expected to have direct access to corporate networks. Windows 365 Cloud PCs offer a layer of isolation that provides strong protection for the work environment and helps prevent data leakage or loss, with configurable options for how the Cloud PC interact with available physical device.
  • Business continuity and governance – As we know, COVID-19 forced almost every business to suddenly rethink, re-shift and re-prioritise their approach to remote work in a matter of days – doing all they could to get devices, repurpose old kit, leverage employee’s personal devices and ramp up VDI deployments, VPN and remote access tech to enable their people to work, often at the expense of usability, security and governance. As the future of this now unfolds into the hybrid workplace we see before us, technology like Windows 365 becomes a viable BC/DR solution. In short, Windows 365 could now be a vital cornerstone of a business continuity strategy and one that minimises disruption, maintains security and governance and provides a smooth transition for users.
  • Immediate on-boarding and offboarding of employees/contractors – The cost of PC recovery in the event of an offboarded employee or contractor is high and can take weeks in today’s expanded work environment. Interestingly, IBM estimates that 44% of breach events are caused intentionally by disgruntled employees who have been terminated but still have access to company hardware and resources. One of the benefits of Windows 365 is that as well as near instant provisioning, it also allows for the immediate removal of access to the Cloud PC along with all company data.
  • Protection of company data – the FBI estimate that 1 in 10 laptop devices will be lost or stolen during their lifetime, with the risk and financial exposure per event estimated to be between £25,000 and £45,000. Since Windows 365 Cloud PC devices store no data on the host device, a lost or stolen Cloud PC can be limited to the cost of the hardware and can be instantly accessed on another device, meaning no loss of productivity and no risk or loss or theft or corporate data.

What’s your experience of Windows 365?

As always, I’d love to hear your experiences, thoughts, and feedback on this – please leave a comment in the boxes below.


To read more about Windows 365, you can also check out Microsoft’s official FAQ

Cisco Live 2022: Cisco Catalyst Management is coming to the Meraki cloud

At Cisco Live 2022 this week, Cisco annouced that Catalyst is coming to the Meraki cloud which put simply means that organisations will now be able to manage their Catalyst switches and access points using the Cisco Meraki cloud dashboard, providing a centralised view of the network with real-time switch status and health.

Image (c) Cisco Meraki

Supported platforms

At time of launch, the Catalyst 9200, 9300 and 9500 switching platforms will be supported in the Meraki dashboard with two different options:

  • Cloud Monitoring (monitoring only)
  • Cloud Management (monitoring and config management)

Licensing

  • Monitored Catalyst switches needs only a Meraki license.
  • Fully managed Catalyst switches requires DNA Advantage (DNA-A) or DNA Essentials (DNA-E) licensing.

The main difference between the two switching licenses is that DNA-E will not include application visibility or client usage data.

Is this the end to DNA Center?

Put simply, No. What Cisco is doing is providing more flexibility and options to their customers. It will mean, however that organisations will need to make a choice as to where that want to manage their Cisco Catalyst infrastructure. In Meraki, in DNA Center, or standalone.

Once a Catalyst switch is fully managed by Meraki it will no longer be an IOS device and will instead run Cisco Meraki software. If the Catalyst switch is a monitored only switch though, it will still be accessible and manageable via the CLI.

New Catalyst Wireless Switches

Cisco also annouced that they are introducing three new Catalyst wireless access points that can be managed by their Meraki dashboard or a C9800 controller.

  • Catalyst CW9166
  • Catalyst CW9164
  • Catalyst CW9162

Feature Partity with DNA Center?

No.. Well not initially anyway.

Since this is the first iteration of Catalyst management within the Meraki Cloud dashboard, there will not be feature parity with what is possible with the CLI or DNA Center. Initially all the core basic basic monitoring and configuration will be available and Cisco have a said a feature list and roadmap will be published soon.

Why are Cisco taking this approach?

Cisco have traditionally been continuing to build on-premises software solutions, such as DNA Center, but with their increased focus of software subscriptions and cloud this is a logical move and something their competition have been doing for a while.

Since the aquisition of Meraki back in 2013, Cisco have continued to try to provided multiple options for their customers and this appears to eb a great move into that hybrid space, providing and option for scenarios where DNA Center maybe too much or complex, but a more simplistic cloud managed approach with a Meraki may well fit organisations who want cloud management with Meraki while still having the feature-rich capabilities of the Catalyst product set.

Getting Started…

Cisco advise their customers to speak to their account manager, work with their trusted a isco partner and / or to check out their get started guide. There’s no need to go full in and organisations can start their move cloud management for Catalyst at their own pace.


Read the full detail from Cisco

Microsoft Entra aims to secure access for the multicloud connected world

Microsoft has just announced “Entra“, which is the latest “family of products” and joins their other suites alongside Priva and Viva.

Entra brings together all of Microsoft’s identity and access products and services and includes Microsoft Azure Active Directory (Azure AD), as well as their Cloud Infrastructure Entitlement Management (CIEM) and decentralized identity services.

Identity is one of the biggest cornerstones for cybersecurity.

Microsoft Entra. Image (c) Microsoft

Microsoft Entra aims to help simply the way organisations approach and accomplish attack surface reduction in the multicloud, hyperconnected world by filling the biggest and most critical gaps. It does this by:

  • Protecting access to any application or resource for each and every user
  • Secure and verify every identity across hybrid and multicloud environments
  • Discovering and governing permissions in multicloud environments
  • Simplying the user experience with real-time intelligent access decisions.

Microsoft Entra embodies our vision for what modern secure access should be. Identity should be an entryway into a world of new possibilities, not a blockade restricting access, creating friction, and holding back innovation. We want people to explore, to collaborate, to experiment – not because they are reckless, but because they are fearless.

Microsoft.

Entra works with the majority of all cloud platforms, including Azure, AWS, Google Cloud, as well as other Microsoft apps and websites.


To find out more, visit the Microsoft Entra website to learn more about how Azure AD, Microsoft Entra Permissions Management, and Microsoft Entra Verified ID deliver secure access for our connected world.