Cisco Thousand Eyes: End-to-End visibility into Cloud App performance.

Hybrid Work and the growth of SaaS makes troubleshooting end user experience so much harder.

ThousandEyes by Cisco is a digital end user experience monitoring solution that helps ensure your business SaaS apps are running at optimum performance wherever your employees or customers are.

ThousandEyes proactively monitors, alerts, and provides visual “route cause analysis” within minutes of a User Experience issue, regardless of if whether the issue is the LAN, WAN, Internet, “XaaS”, ISP, Collaboration Service (such as Teams, Webex or Zoom), or Cloud Provider. It can even determine whether the issue is caused by any third-party dependency such as Content Delivery network, Application, Connector, Secure Web Gateway, Identity Provider, or firewall.

What is ThousandEyes?

ThousandEyes enables organisations to rapidly increase the responsiveness of support teams and managed service providers by providing end-to-end visibility and performance monitoring across the ever-changing and distributed IT landscape wherever your applications, data, infrastructure, user, and devices are located by.
This helps organisations to:

  • Better support their hybrid workforce with near-real-time visibility of the employee’s experience.
  • Quickly identify and solve app experience issues by continually monitoring employee interactions with web and SaaS-based applications.
  • Gain end-to-end visibility from the user, across the network, WAN, and the Internet as well as to their cloud service providers and SaaS applications.

Cisco Thousand Eyes provides and end-to-end End user Experience Monitoring to help ensure that your employees / customers experience of your service or applications is “as expected” and helps proactively detect when there are issues which might impact this performance before users start complaining.

End to end visibility with Cisco ThousandEyes

Thousand Eyes provides end to end visibility and intelligence”. Its aim is to help IT provide the best possible employee and customer experience, whatever the application or service by comprehensively measuring and monitoring network performance end-to-end. This means that IT get complete visibility across the internet or WAN, edge, network, application, routing, and device layers to see exactly how and where the Internet and WAN connectivity is impacting employee or customer user experience.

Paying customers of ThousandEyes – and one of its’ killer features, is its’ ability to perform performance “snapshots” which provide clear-cut information – either on demand, or on a schedule. These can be shared with people outside your organisation and is pivotal to proving where the fault lies, therefore helping to help SaaS vendors troubleshoot their own infrastructure and it won’t be a surprise that many of the worlds’ largest SaaS providers are also Cisco Thousand Eye customers!

It does this by using “active monitoring” that utilises a software agent that simulates user activity and checks availability from multiple locations. Cisco leverage Thousand Eyes agents across much of their network equipment including wireless access points and switches (such as the Cisco Catalyst 9k), Cisco SDWAN solutions and SASE services, and is even incorporated into their Webex Meetings platform. There are also agents for desktop devices that can be deployed and what’s more you don’t need a Cisco network to use it. Thousand Eyes is proven to work well with leading SaaS and collaboration platforms such as Slack, Webex and Microsoft Teams.

Cisco Thousand Eyes – Image (c) Cisco.

The Synthetic testing constantly simulates user interaction with SaaS and Web applications, represented by a series of page loads interspersed with interactions like typing in fields and clicking buttons, making the synthetic test “feel” like a user to the actual applications under test. These tests are invaluable to application and network operations staff, since it helps IT and App Support better understand actual user experiences rather than playing the best guess or deflect game. These are presented back as “experience scores” which can be reported on, alert and track trends over time, providing an early warning before issues arise.

What problem does ThousandEyes fix?

In short, when an employee or a customer has a bad digital experience, they don’t care where the problem is, or what has caused it – they simply want to know what is wrong and when it might be resolved.

Marketing slide from Cisco ThousandEyes

The need and therefore market for this kind of tool is increasing, as the global pandemic dramatically accelerated the shift to the cloud and SaaS apps, and with the hybrid work, now just the way we work, we need a better way of monitoring and managing the end-to-end employee experience in an environment that no longer directly in control of IT!

As the world settles into what is now a hybrid work world dominated by the continual adoption of SaaS apps and work from anywhere mindset, visibility into how applications are performing for your employees and customers across the internet and various cloud services is critical to business continuity, employee, and customer experience.

Hybrid Work and the growth of SaaS
makes troubleshooting end user experience so much harder.

Today, we, many organisations are still reliant on “self-diagnosis” (or no diagnosis), which leads to conversations like “it’s the network” or “my broadband is slow” or “XXX application is running slow”. This might have been ok during the peak of the pandemic when everyone was sent home to work and was “making the best out of temporary situation”, but three years on this from this, diagnosing and troubleshooting performance related issues is still too commonplace. Now, more than ever, the ability to monitor the end-to-end performance of your business apps, dictates the experience of your customers and employees and the excuses of before are no longer tolerated.

When an employee or a customer has a bad digital experience, they don’t care where the problem is or what has caused itthey simply want it fixed quickly.

Many of these issues are not new, but the shift to cloud and our new distributed hybrid workforce, means that it is becoming increasingly more difficult to understand and support the right “experience” using traditional legacy application performance management tools. What’s more the lack of visibility can often means employees and customers can be having a poor experience without IT or support evening knowing about it until someone complains!

Who needs ThousandEyes?

  1. Do you have employee experience issues due to lack of Internet, WAN or SaaS visibility?
  2. How do you know your Content Delivery Provider is serving your content quickly and consistently whether users at home or in the office?
  3. Do you have inhouse web apps and need a better way of understanding how they perform? when your users work remotely or from disparate offices?
  4. Does your IT help desk struggle to add value and provide answers to users experience issue with SaaS applications?
  5. Is the lack of visibility and ability to monitor cloud apps, impacting employee productivity and/or customer experience?

If the answer to the above is mainly “yes”, then it’s worth looking at investing your time in a proof of concept to see how Thousand Eyes could help.

Why Cisco?

Personally, I think ThousandEyes is a great fit for any organisation with a cloud-first approach that has offices globally and leverages a high degree of hybrid workers (that’s most of us right!)! Whilst it’s not limited to those with only Cisco networks, the economics work well for organisations that already leverage Cisco networking, due to native integration across most of Cisco’s core product offerings including their Cisco Catalyst networking, SASE, SDWAN and their Collaboration suite (Webex).

This makes integration and deployment slick and negates the need to deploy additional agents, since Cisco include the ThousandEyes agent across many of their devices. Customers that buy into Cisco Enterprise Agreements also get a more competitive price point for ThousandEyes and from a support perspective it’s an integrated suite which means less finger pointing.

Speak to a Cisco partner for help

Speak to your favourite Cisco Gold Partner (I’m happy to help you need one) and they will be able to help demonstrate, deploy, configure, and support ThousandEyes for your organisation.

You will find your trusted Cisco partner can help in many ways including:

  • Demos, PoCs or specific product/application performance assistance
  • Cisco funded free trials
  • Help with business case development following a successful PoV
  • Scoping, deployment and tuning to ensure you can monitor all your in-house web and public SaaS hosted applications, connecting into your underlying Wireless LAN, WAN, MPLS, Internet connectivity and WFH remote locations to provide end-to-end visibility and end user performance monitoring.
  • Consultancy and support to ensure key departments, locations, users, and application estate is under cover.
  • Access to the best pricing through your Cisco Gold Partner.

See it action and find out more

Cisco provide free to access to this awesome “live outages site” where you can look at the live state of the world’s most popular commercial and consumer cloud services and see just how comprehensive and simple it is to use.

https://thousandeyes.com/outages
Cisco ThousandEyes Outages Site

ISE 2023 — Is Teams on Cisco Rooms just the beginning?

With ISE 23 kicking off this week in Barcelona, the UC world will no doubt be excited to see the developments, fruition and live demos of Cisco tech running Microsoft Teams.

This is significant for several reasons. Of course, Microsoft can run Webex, Zoom, RingCentral, and others from within Teams and many of the Teams hardware from Yealink, Poly, Logi etc can also run both Zoom and Teams on the same hard hardware, but this requires a reboot of the hardware causing a less than slick experience.

Is Cisco Rooms on Teams the beginning of a bigger plan?

What Cisco and Microsoft have done differently is that with this partnership, Cisco devices will not only run Webex or Teams, but the Cisco Meeting room kit will be able to do this seemlessly without a reboot

Cisco Room Kit running Microsoft Team

It will be interesting to see if any other Annoucements this week suggest that other Teams & Zoom meeting room kit will be lookimg to do the same!

Why is this significant?

The big questions is why would Microsoft find value in this after all Microsoft now has close to 300 million monthly active users and is the clear leader in is this space which it continues to innovate with new services and revenue streams expected from the recent launch of Teams Room Pro and Teams Premium.

According to analysts, Cisco and Microsoft share close to 90 percent of the same customers. Not necessarily in the collaboration space but across the board. Where that is Cisco’s networking business or Call Manager or Webex, Security or indeed their Contact Contact centre (which is soon to be certified for Teams.)

Most organisations like the idea of a smaller number of vendors to work with and if they can standardise on Cisco and Microsoft for their meeting room technology (since Microsoft don’t make the hardware for their Teams Rooms), this could be a big advantage.

For Cisco, this also means that they don’t loose the hardware and maintainance on their room systems should their Webex customer base decide to move partly or in full to Microsoft Teams.

For Microsoft, I think this also means bringing Cisco in as more of an advocacy – protecting both their install bases from their joint competition in this collaboration and voice space – Zoom, Google and RingCentral…vendors both Cisco and Microsoft do not want to see penetrate or weave into their account base.

Is this really about CPaaS?

Cisco is betting heavily on the success of its redefined Contact Centre solution Webex Contact Centre which could become a real significant player in the CCaaS space for Teams users and not just Webex customers.

Since the partnership was announced at Ignite, just before Xmas, much of Cisco messaging has been around  adding value to Teams rather than replacing it (though Cisco hope of course customers will still invest in Webex). The focus of much of the marketing is around making the user experience on Teams better by using Cisco technology.

Elevate your Microsoft Teams Rooms experience with Cisco devices”.

Here’s where CPaaS comes in. This partnership with Microsoft is also a great opportunity for Cisco to leverage its broader UC portfolio to add their Webex Contact Center natively into Team, attacking the plethora and crowded market of Teams certified contact centres such as Luware, Anywhere 365 and Enghouse.

Organisations with Teams, looking to replace their contact centre solutions are continually looking at Teams Certified solutions.

The Cisco Webex Contact Centre is already a  highly-regarded CCaaS solution, soon to be certified by Microsoft for Teams (maybe as soon as this week?).

Cisco Webex CC on Garner Magic Quadrant 2022

Cisco and Microsoft – Better together?

Only time will tell.. If the plan plays off Cisco should certainly be able to capitalise on market growth and their reputation and proven success in the CCaaS space. If they can secure Webex as the CPaaS of choice for Teams, this could significantly reverse the declining marketshare that Cisco has been suffering of late.

This will also help Microsoft block their other completion and prevent players like Zoom getting into their accounts. Together Cisco and Microsoft should be able to protect their join customer base making it harder for other UC vendors to eat their share.

Who might loose out to this partnership?

The Teams Room space is already well served by flexible, innovate solutions from the likes of Yealink, Poly, Neat and Logitech etc. For Teams organizations already invested in these brands, I see them sticking, but customers moving from Cisco to Teams now have the ability to reduce cost, maintain ‘brand’ and leverage thier investment and partnership with Cisco with less disruption, upheaval and change.

The CPaaS providers that develop Teams certified contact centres may be most worried by this partnership, since Cisco will now able to compete in their space which, whilst already crowded, lacks many true enterprise grade solutions like Cisco have.

Windows 365 now supports Azure AD SSO

Windows 365 now supports (Dec 2022) the creating of Azure AD Cloud PCs that use single sign-on. Previously this required a dual-sign in step.

This is a big improvement, and now means users only have to logon once to the Windows 365 Cloud PC app – from here on in, their CloudPC desktops will seamlessly sign-in (subject to any specific conditional access polices you may have applied of course.) It even works with passwordless sign-on . You can see the user experience below.

Windows 365 Cloud PC SSO Demo

Enabling the SSO setting

To enable SSO, administrators can update their existing Cloud PC provisioning profiles or create new Cloud PC policy with the “single sign on” setting enabled.

Enabling SSO for Windows 365 Cloud PC

Note: Existing Cloud PCs will not automatically support SSO – these will need to be re-provisioned, which can be done from the device pane in endpoint manager as show below.

Reprovision a Windows 365 Cloud PC

Read more from Microsoft

What’s new in Windows 365 Enterprise | Microsoft Learn

Why Cisco’s new Solution Specialisations are great for Cisco, their partners, and their customers

As tech vendors continue to modernise and revamp their partner programmes to better align with the pace of technology, changing needs of their customers, demands around hybrid work and the continual digital transformation acceleration, Cisco have recently added six new solution specialisations which aim to further build and support their partner competitiveness as well as recognise and reward partners with specific expertise and capability.

Image (c) Cisco

The six new specialisations are tied to Cisco customer priorities and represent fast-growing market opportunities for Cisco and its partners in areas where Cisco has been investing and innovating. These are heavily focussed around Hybrid Cloud and Hybrid Work and the solutions that enable these.

Cisco’s Solution Specialisations

The new solution specialisations are one of the four categories of partner specialisations available to qualified Cisco partners, like Cisilion to demonstrate their expertise to customers, including:

  • Architecture specialisations: demonstrate product expertise in specific technology areas.
  • Solution specialisations: demonstrate that a partner excels at delivering value with Cisco solutions, including cross-architectural offers prioritized by customers.
  • Cisco Powered Service specialisations: convey partner proficiency in delivering managed services and as-a-service offers.
  • Business specialisations: focused on horizontal business practices that are essential to supporting customers’ business goals.

Partners that achieve solution specialisations are recognised and rewarded based on the value delivered to customers. The requirements for each specialisation are tied to knowledge and experience, allowing partners to capitalize on their existing investments with Cisco.

The relevance of the new Solution Specialisations

Cisco say their solution specialisations are designed to “showcase partner value to customers and represent the type of solutions partners are selling today“. These specialisations (which are not simple to earn and retain), reflect how Cisco partners, like Cisilion, are using cross-architectural solutions to solve their customers’ biggest challenges (such as how to address the challenges or hybrid work) rather than just simply selling and deploying technology products. Cisco say that “the specialisations are awarded to partners that can demonstrate how they are working collaboratively with Cisco to help solve customer challenges such as balancing an organisation’s security needs with the flexibility employees want, providing the best digital experience or consistently delivering a secure user experience from anywhere.

Specialisation is ranked number one as the initial critical partner selection criterion for 74 percent of customers. By tying solution specialisations to customer buying criteria, Cisco makes it easier for customers to identify which partners to work with.

Techaisle Take: Cisco Partner Program

The six new solution specialisations

  • Full-stack Observability (FSO): Which highlights partners expertise in centralising and correlating application performance analytics across the full IT stack. This includes integrations across Cisco’s AppDynamics, Thousand Eyes, Intersight, and Secure Application. Partners with this specialisation can demonstrates expertise in prioritising actions to deliver superior customer experiences, drive revenue streams, and accelerate digital transformation for their customers.
  • Hybrid Work from Office: Which recognises partners for their skills and experience helping customers evolve traditional on-site and off-site work models, with solutions that power hybrid work, enabling people to work safely and securely from home, the office, and anywhere in between on any given day or time.
  • Secure Access Service Edge (SASE): Which highlights partners’ ability to help their customers to securely enable the growing universe of roaming users, devices, and software-as-a-service (SaaS) apps without adding complexity or reducing end-user performance.
  • Hybrid Cloud Computing: Showcases partners that provide customers with simple, secure hybrid cloud computing experiences at home, in the office, or anywhere.
  • Hybrid Cloud Networking: Recognises partners that securely and efficiently connect and manage customers’ data, workloads, and applications across data centres, edge, and multiple clouds.
  • Hybrid Cloud Software: Demonstrates expertise in managing operational complexity by helping customers streamline and unify IT operations with secure, hybrid cloud management software.

Benefits for Customers and Partners

The main benefit is that this approach takes away from an old-skool technology/product sell that was all about speeds, feeds, features, and cost, and instead encourages partners to have more meaningful “outcome-based conversation“. Cisco say this should help partners do what they do best – having a more “unified solution strategy” conversation with customers where technologies integrate and work together to provide solutions that are better than the sum of the parts.

Examples of this include the alignment between Cisco’s Webex video, calling and meeting services, the network infrastructure layer, the edge, and the Internet with integrated full stack visibility across these layers to ensure the best user experience whilst simplifying IT operations through management and support.

Should every organisation be considering Windows 365?

Windows 365 has just celebrated its first birthday – but what is it and why is Microsoft betting big on Windows 365 to help improve the employee experience, tighten security, and provide better agility for employees?

Businesses globally are once again being hit head on with challenges unrivalled in recent business history. Employee churn-rates are at record levels presenting unique business challenges, whilst the continuing shift in the workforce from centralised offices to home working has increased the number of “work locations” exponentially. Combined with the on-going global supply chain shortages, and logistical difficulties in procuring, preparing, and shipping new devices to employees makes onboarding new employees more challenging than ever. The continuing need to provide employees with a secure, professional, corporate desktop environment is pressuring IT to make decisions that can impact process, security, governance and above all employee satisfaction.

Microsoft are betting big with Windows 365, since it can help organisations significantly reduce the time it takes to provide new employees with access to their corporate desktop environment from days or weeks to minutes without compromising security. What’s more, unlike traditional on-premises Virtual Desktop Infrastructure (VDI) environments, Windows 365 (which is a new category of cloud computing, known as Cloud PC, simplifies the entire provisioning process and user experience.

In conjunction with the Enterprise Security Group, Microsoft recently carried out a TEI study which found that by leveraging Windows 365 Cloud PC, organisations can significantly lower the cost of providing access to an organisation’s end user computing environment whilst improving security and employee satisfaction. The ESG report also revealed that Windows 365 can provide a “typical organisation” with an overall annual benefit of up $7,271 per user for small businesses and up to $6,765 per user for companies with over 1,000 employees.

What is Windows 365?

In short, Windows 365 unlocks a new category of hybrid personal computing, called “Cloud PC” that delivers Windows from the cloud. It aims to provide a hybrid approach to providing client computing by utilising a cloud service that is not tied to any specific hardware.

Image (c) Microsoft

Windows 365 combines the power and security of Windows 10 or Windows 11 with the scalability and versatility of cloud to provide a personal, reliable, and familiar work/desktop environment on any supported physical device. If want to see it in action, you can head over to Microsoft’s YouTube video here.

Similar in concept, but different to VDI technology, Cloud PCs are one of the newest Microsoft cloud solutions to come to market. Cloud PCs are optimised for business and user agility, are highly secure, persistent to the user and are billed on a per-user, per-month model that simplifies the cost and infrastructure complexity of client computing environments and on-premises VDI solutions.

The report by ESG validated that Windows 365 provides capabilities that address nine of the ten business challenges identified by IT leaders.

Source: ESG Complete Survey Results, End-user Computing Trends, February 2022.

SIMPLE, COST EFFECTIVE, POWERFUL, SECURE – Windows 365 works by giving each user a dedicated Cloud PC (of a chosen specification) that runs their own individual Windows 10 or Windows 11 desktop environment while providing an extremely simple-to-manage ecosystem all managed via Microsoft’s Endpoint Manager toolset which is used to manage the rest of the physical desktop or laptop estate. For users, this means they can bring their existing device and instantly be presented with a familiar and powerful end-user computing experience either while they “wait” for their replacement or physical device or instead of waiting for IT to procure, provision, and image a new corporate device. In turn the ESG report finds that Cloud PC technology provides an effective solution for organisations of any size and sector, which are working to meet the complex needs of a hybrid or remote workforce.

Benefits of Windows 365 Cloud PC

Cost Predictability

The ESG report, concludes that Windows 365 delivers a combination of lowered costs, eliminated costs, and a predictable fixed cost model which can provides significant financial benefit in several areas.

  • Lower costs: Shifting to Windows 365 lowers and eliminates costs in several areas, including VDI licensing, server operating systems, remote desktop licensing, storage, management, power and cooling, license management, VDI management, procurement, and end-of-life costs.
  • Fixed-price model: Windows 365 Cloud PC pricing is based on a simple per-user, per-month model which that allows organisations to match computing and storage needs to individual user requirements. There is value in being able to project costs in business. Most VDI pricing models are based on consumption, which, while this may initially seem like an advantage, most organisation often find that their monthly charges extend far beyond projections when usage spikes unexpectedly.
  • Ability to cross-charge services: Organisations that charge internal or external business groups fees for licenses, hardware, or services will find that the Windows 365 predictable cost model makes it much easier to allocate specific costs in a granular and predictable way, especially when compared to the capital-intensive purchases needed to facilitate on-premises VDI or DaaS.

Business and User Agility

With employee churn-rates are at record levels, continuing delays in supply chains and with more employees, contractors and temporary staff being permanently remote, getting new employees up and running as quickly as possible is a big challenge. Windows 365 allows companies to provide highly secure Cloud PCs running Windows 11 on their device within minutes verses hours, days, or weeks.

  • Time to employee enablement: The time from when a new employee, temporary worker, or contractor is hired to when they are fully onboarded with their corporate device often takes time, leads to the employee getting a second-hand device, or means it delays their onboarding time. Leveraging Cloud PC technology can, however, means that organisations can now provide new starters with a new Windows desktop is under an hour, allowing them to security access their work environment from any supported device that the new worker wishes to use, even if it is only a temporary situation.
  • Enablement of temporary/seasonal workers – The cost in both money and time to empower short-term workers with a company work environment is often high, and either inhibits an organisation’s willingness to employ temporary works or worse, means they are forced to compromise on security due to the time to procure and provision a device. With Windows 365, temporary workers can quickly be provisioned so they have immediate access to the corporate environment while safe in the knowledge that all intellectual property stays secured within the corporate environment, and that the Cloud PC can be immediately removed at the end of the contract period.
  • Efficient IT Management – When compared to the effort required in procuring, preparing, and delivering laptops to users or even configuring and deploying virtual desktops with traditional VDI platforms, deployment of Cloud PC technology like Windows 365 can result in a 46% reduction in IT effort.
  • Ability to use any device – Windows 365 allows IT to provide workers with a highly secure, Windows 11 desktop on any supported device even though the host device may not be capable of natively running the OS. This is also great for “Bring Your Own Device” (BYOD) scenarios for employees who may just be starting or have shifted to working from home or short-term workers such as interns, contractors, and consultants.
  • Increased ability to react quicky to seasonal demand – The ability to get a secure, corporate desktop to users quickly is one of the barriers to rapid enablement. Windows 365 Cloud PCs empower businesses to immediately create and decommission desktops to react to opportunities that might be ignored in other DaaS or VDI environments.
  • Equality with the employees – The mindset of the workforce has changed from “May I have a job?” to an attitude of “What are you willing to do to keep me as an employee?”. Treating all employees as equals and providing them with a premium, professional-grade work environment is two of the key criteria for ensuring employee satisfaction. With Windows 365, employees can access a highly secure, personalized Windows 11 work experience through their Cloud PC, regardless of location or available device.
  • Merger and acquisition (M&A) scenarios – Mergers and acquisition events take months, even years, to align the separate work environments that result in an M&A to the same access and security postures. This limits potential cooperation between the entities and delays the full realization of value for the event. The ability to rapidly assimilate the new entities to the existing EUC solution accelerates the time to value and reduces the cost and risk of running parallel environments. The time to combine these two work environments into one can be significantly reduced by using Windows 365 Cloud PC.

Improved Security Posture

Employees and contractors today are working outside conventional environments and often on hardware that was never intended to be on corporate networks. The result is an increased risk of security breaches and data loss and, in many cases, missed business opportunities. ESG has found that organizations that adopt Windows 365 can help enhance their security posture in the following areas.

  • Inclusive, Secure, yet Flexible remote work – Cloud PCs can enable a hybrid workforce in a highly secure manner, even if those workers sometimes or always do their work on devices that aren’t expected to have direct access to corporate networks. Windows 365 Cloud PCs offer a layer of isolation that provides strong protection for the work environment and helps prevent data leakage or loss, with configurable options for how the Cloud PC interact with available physical device.
  • Business continuity and governance – As we know, COVID-19 forced almost every business to suddenly rethink, re-shift and re-prioritise their approach to remote work in a matter of days – doing all they could to get devices, repurpose old kit, leverage employee’s personal devices and ramp up VDI deployments, VPN and remote access tech to enable their people to work, often at the expense of usability, security and governance. As the future of this now unfolds into the hybrid workplace we see before us, technology like Windows 365 becomes a viable BC/DR solution. In short, Windows 365 could now be a vital cornerstone of a business continuity strategy and one that minimises disruption, maintains security and governance and provides a smooth transition for users.
  • Immediate on-boarding and offboarding of employees/contractors – The cost of PC recovery in the event of an offboarded employee or contractor is high and can take weeks in today’s expanded work environment. Interestingly, IBM estimates that 44% of breach events are caused intentionally by disgruntled employees who have been terminated but still have access to company hardware and resources. One of the benefits of Windows 365 is that as well as near instant provisioning, it also allows for the immediate removal of access to the Cloud PC along with all company data.
  • Protection of company data – the FBI estimate that 1 in 10 laptop devices will be lost or stolen during their lifetime, with the risk and financial exposure per event estimated to be between £25,000 and £45,000. Since Windows 365 Cloud PC devices store no data on the host device, a lost or stolen Cloud PC can be limited to the cost of the hardware and can be instantly accessed on another device, meaning no loss of productivity and no risk or loss or theft or corporate data.

What’s your experience of Windows 365?

As always, I’d love to hear your experiences, thoughts, and feedback on this – please leave a comment in the boxes below.


To read more about Windows 365, you can also check out Microsoft’s official FAQ

Cisco Live 2022: Cisco Catalyst Management is coming to the Meraki cloud

At Cisco Live 2022 this week, Cisco annouced that Catalyst is coming to the Meraki cloud which put simply means that organisations will now be able to manage their Catalyst switches and access points using the Cisco Meraki cloud dashboard, providing a centralised view of the network with real-time switch status and health.

Image (c) Cisco Meraki

Supported platforms

At time of launch, the Catalyst 9200, 9300 and 9500 switching platforms will be supported in the Meraki dashboard with two different options:

  • Cloud Monitoring (monitoring only)
  • Cloud Management (monitoring and config management)

Licensing

  • Monitored Catalyst switches needs only a Meraki license.
  • Fully managed Catalyst switches requires DNA Advantage (DNA-A) or DNA Essentials (DNA-E) licensing.

The main difference between the two switching licenses is that DNA-E will not include application visibility or client usage data.

Is this the end to DNA Center?

Put simply, No. What Cisco is doing is providing more flexibility and options to their customers. It will mean, however that organisations will need to make a choice as to where that want to manage their Cisco Catalyst infrastructure. In Meraki, in DNA Center, or standalone.

Once a Catalyst switch is fully managed by Meraki it will no longer be an IOS device and will instead run Cisco Meraki software. If the Catalyst switch is a monitored only switch though, it will still be accessible and manageable via the CLI.

New Catalyst Wireless Switches

Cisco also annouced that they are introducing three new Catalyst wireless access points that can be managed by their Meraki dashboard or a C9800 controller.

  • Catalyst CW9166
  • Catalyst CW9164
  • Catalyst CW9162

Feature Partity with DNA Center?

No.. Well not initially anyway.

Since this is the first iteration of Catalyst management within the Meraki Cloud dashboard, there will not be feature parity with what is possible with the CLI or DNA Center. Initially all the core basic basic monitoring and configuration will be available and Cisco have a said a feature list and roadmap will be published soon.

Why are Cisco taking this approach?

Cisco have traditionally been continuing to build on-premises software solutions, such as DNA Center, but with their increased focus of software subscriptions and cloud this is a logical move and something their competition have been doing for a while.

Since the aquisition of Meraki back in 2013, Cisco have continued to try to provided multiple options for their customers and this appears to eb a great move into that hybrid space, providing and option for scenarios where DNA Center maybe too much or complex, but a more simplistic cloud managed approach with a Meraki may well fit organisations who want cloud management with Meraki while still having the feature-rich capabilities of the Catalyst product set.

Getting Started…

Cisco advise their customers to speak to their account manager, work with their trusted a isco partner and / or to check out their get started guide. There’s no need to go full in and organisations can start their move cloud management for Catalyst at their own pace.


Read the full detail from Cisco

Microsoft Entra aims to secure access for the multicloud connected world

Microsoft has just announced “Entra“, which is the latest “family of products” and joins their other suites alongside Priva and Viva.

Entra brings together all of Microsoft’s identity and access products and services and includes Microsoft Azure Active Directory (Azure AD), as well as their Cloud Infrastructure Entitlement Management (CIEM) and decentralized identity services.

Identity is one of the biggest cornerstones for cybersecurity.

Microsoft Entra. Image (c) Microsoft

Microsoft Entra aims to help simply the way organisations approach and accomplish attack surface reduction in the multicloud, hyperconnected world by filling the biggest and most critical gaps. It does this by:

  • Protecting access to any application or resource for each and every user
  • Secure and verify every identity across hybrid and multicloud environments
  • Discovering and governing permissions in multicloud environments
  • Simplying the user experience with real-time intelligent access decisions.

Microsoft Entra embodies our vision for what modern secure access should be. Identity should be an entryway into a world of new possibilities, not a blockade restricting access, creating friction, and holding back innovation. We want people to explore, to collaborate, to experiment – not because they are reckless, but because they are fearless.

Microsoft.

Entra works with the majority of all cloud platforms, including Azure, AWS, Google Cloud, as well as other Microsoft apps and websites.


To find out more, visit the Microsoft Entra website to learn more about how Azure AD, Microsoft Entra Permissions Management, and Microsoft Entra Verified ID deliver secure access for our connected world.

Cisco becomes first SD-WAN vendor to leverage Microsoft Informed Networking Routing to optimise performance of Microsoft Teams and SharePoint

Cisco Cloud On-Ramp

Cisco has released an updated version of their SD-WAN software which now supports the optimal routing of Microsoft SaaS apps including Microsoft SharePoint, OneDrive, and Teams on their SD-WAN. Cisco’s Vipella SD-WAN solution is the first SD-WAN solution to be certified for this.

Note: At time of writing, this feature applies to Cisco’s Viptela SD-WAN solution and is not currently supported in the Cisco Meraki SD-WAN portfolio. This may change.

With this update to the Cloud OnRamp feature, Cisco SD-WAN “further integrates Cisco’s support for Microsoft’s Informed Network Routing technology that lets organisations share Microsoft 365 app feedback telemetry with networking vendors and to receive network link telemetry from them”, according to Jeevan Sharma, Manager, Product Management, Enterprise Cloud & SD-WAN group at Cisco in a blog about the enhancements.

Known as Cloud OnRamp for Microsoft 365, it uses “proactive and continuous link probing to assess the best performing path at any point in time. It also allows network admin to utilize Microsoft URL categories granularity for categorizing the Microsoft 365 apps into Optimize, Allow and Default categories, while active link probing makes sure that the best performing path is always selected”.

How it works

This latest update to Cisco’s SD-WAN software, which continually monitors and controls the connectivity, management, and services between data users (remote or office based) and cloud and data centre services, now includes support for more Microsoft SaaS applications specifically SharePoint (and OneDrive) and Microsoft Teams.

Cisco SD-WAN customers can leverage Cisco’s Cloud OnRamp to intelligently route Microsoft 365 traffic, to provide the fastest, most secure, and most reliable end-user experience. This is done by ensuring that all connectivity paths to Microsoft 365 from each WAN / Internet connection at the branch, office, regional hub and/or data center is monitored continuously for performance, and application traffic is then dynamically routed to the best-performing path without requiring human intervention. Cisco Cloud OnRamp also provides real-time and historical visibility into SaaS application performance.

“I am excited to announce that the integration between Cisco SD-WAN and Microsoft Informed Network Routing now includes support for Microsoft Teams and SharePoint app telemetry. This update will help us deliver an improved end-user experience through enhanced cloud connectivity. The partnership between Microsoft 365 and Cisco SD-WAN further enhances your Microsoft Teams and SharePoint experience by optimizing routing and path selection beyond traditional network telemetry probes”

Jeff Mealiffe | Principal Architect | Microsoft 365 Core Networking | Cisco

Microsoft and Cisco Partnership

Cisco SD-WAN is Microsoft Network Partner Program (NPP) certified and is also a Microsoft 365 networking partner. As part of this program, Cisco SD-WAN aligns with the Microsoft’s Connectivity Principles aimed at helping Microsoft 365 customers achieve optimal end-user experience.

What is SD-WAN?

SD-WAN technology is available from leading network and vendors such as Cisco, Palo Alto etc, and typically include routers and switches or virtualised customer-premises equipment (vCPE). They run together using a connected software stack that handles things like policy, security, networking functions, and other management and security functions.

Cisco SD-WAN technology enables enterprises to build a scalable and carrier-neutral WAN infrastructure, allowing them to reduce WAN transport costs and network operational expenses. Cisco SD-WAN enables IT to apply business-centric, application-aware, and differentiated routing policies – providing end users at the remote offices, branch direct connectivity to performance-intensive trusted app, such as Microsoft 365, while routing generic Internet traffic via SWGs, CASBs, or the customer’s VPN connected data center.

Microsoft’s new “Cyber Signals” gives vital insights into current cybersecurity threats

Microsoft has launched their first Cyber Signals, a new quarterly cyber intelligence brief that highlights the latest cyber security threats, tactics, and strategies and is aimed at Chief Information Security Officers, Chief Information Officers, Chief Privacy Officers and other senior security opps teams.

Microsoft Cyber Signals Report

The brief is built using Microsoft’s extensive threat and data and research which leverages insights from more than 24 million security signals as well as intelligence data mined from the monitoring of 40 nation-state groups and over 140 threat groups. Microsoft has focused the first edition specifically on identity, which they believes is “the battleground for security” and the biggest weakest link in most organisations security posture.

In the briefing, Microsoft state that “Our identities are made up of everything we say and do in our lives, recorded as data that spans across a sea of apps and services. While this delivers great utility, if we don’t maintain good security hygiene our identities are at risk. And over the last year, we have seen identity become the battleground for security.

Perhaps the biggest point raised in this Cyber Signals report is the worrying low adoption of strong identity authentication across organisations. This includes multifactor authentication (MFA) which are proven to reduce the risk of compromised identity by 99.9%.

Here are they key highlights from the report.

  • Only 22% of customers using Microsoft Azure Active Directory (Azure AD), Microsoft’s Cloud Identity Solution, have implemented strong identity authentication protection as of December 2021.
  • Microsoft Defender for Endpoint blocked more than 9.6 billion malware threats targetting enterprise and consumer customer devices
  • From January 2021 through December 2021, Microsoft blocked more than 25.6 billion Azure AD brute force authentication attacks and intercepted 35.7 billion phishing emails with Microsoft Defender for Office 365.

The full brief also examines how nation-states are using spear phishing attacks and targeted social engineering to obtain passwords and other sensitive data. It also details the latest Ransomware attack trends and how they are being along with guidance and recommendations for how to stop the attacks.

“Microsoft ended 2021 with 71 billion cyberattacks blocked.”

Microsoft Cyber Signals

Much of the research explained by leading security chiefs including Christopher Glyer – the principal threat intelligence lead at the Microsoft Threat Intelligence Center which employs nearly 4,000 security experts and threat hunters.

You can learn more about these trends and read the report on Microsoft’s Security Blog site….

… Oh and please let’s get MFA enabled for all corporate accounts and close that front door!

Use MFA

Defender for Endpoint now included within Microsoft 365 E3/A3

As of today (14th Jan 2022) Microsoft Defender for Endpoint Plan 1 is now included within Microsoft 365 E3/A3 licenses.

Microsoft Defender for Endpoint (Plan 1) extends Microsoft 365 security by including world class threat and attack prevention capabilities to help you deliver against your Zero Trust strategy, reduce cost (by negating the need for additional products) and simplifies security management.

Defender for Endpoint Plan 1 includes the following key features (among others).

  • Next generation, born in the cloud, antivirus, anti malware and anti ransomware protection that leverages all the intelligence of the Intelligent Security Graph to help keep users endpoints secure and protected.
  • World class attack surface reduction capabilities that harden the device, prevent zero day attacks, and provide granular control over access.
  • Device based conditional access which leverages Azure AD and the Intelligent Security Graph to provide additional layers of protection and breach protection and forms a key part of your Zero Trust Security architecture.

Microsoft Defender is a Top right Magic Quadrant leader for Endpoint Protection.

Gartner Magic Quadrant for Endpoint Protection

What’s included in Defender for Endpoint Plan 1

The following diagram from Microsoft illustrates the key services and features included within both Plan 1 (now part of Microsoft 365 E3 and A3) and Plan 2 (part of Microsoft 365 E5 and A5 or available as an add-on).

Defender for End Point Plan 1 vs Plan 2.

Microsoft Defender for Endpoint Plan 1 supports client endpoints running Windows 7 with Extended Security Updates, 8.1, 10, 11, macOS, Android, and iOS.

What about Plan 2?

Microsoft say that Plan one provides a strong baseline and leading edge protection against modern day, zero day and every advancing threats.

For the complete set of endpoint security capabilities, as shown above, Microsoft advise that organisations strongly consider Microsoft Defender for Endpoint Plan 2.

“Plan 2 builds on Plan 1 and provides a best in class EDR solution including automated investigation and remediation tools, advanced threat prevention and threat and vulnerability management (TVM), and hunting capabilities which which combined with the wider Microsoft Defender suite provides seemless, integrated and cross architecture protection”.


To find out more, please refer to the official Microsoft documentation.

https://aka.ms/MDEP1docs

Microsoft SIP gateway service let’s you use legacy SIP phones with Teams

Microsoft’s SIP gateway service was officially released as of today today. This means organisations can now repurpose a wide range of ‘old’ SIP phones and use them with #MicrosoftTeams helping to reduce TCO of Teams Voice Migrations and drive value out of legacy hardware.

The new SIP Gateway Service (which has been in private preview for a few months) is a solution that enables core Teams calling functionality on compatible SIP phones including many from Cisco, Poly, Yealink and AudioCodes.

Microsoft SIP gateway

Breathing life into legacy handsets

The SIP Gateway supports the following core Teams calling functionality:

  • Inbound and outbound calls
  • Call transfer
  • Meeting dial-in and dial-out
  • Device level based “do not disturb”
  • Voicemail with message waiting

The SIP Gateway Service is FREE

Microsoft are making the SIP Gateway service for free, and any user can use the SIP Gateway so long as they meet the following requirements.

  • Licensed for Teams Phone via Office 365 E5, Microsoft 365 E5 or a standalone license.
  • Enabled for PSTN, which means a phone number in Teams assigned via Calling Plan, a Direct Routing or Carrier Connect (calling via third party apps not supported)
  • Common Area devices licensed via Common Area Phone license.

For the best experiece Teams Phones are recommended

In the official Microsoft Teams blog, Microsoft reminds us that while their SIP Gateway and Skype for Business 3PIP Gateway services provide valuable flexibility for organisations wishing to sweat their legacy SIP phone investments, Teams phone devices provide the most complete Teams experience.

What devices are supported

These are the currently supported phones (at time of writing).

  • Cisco IP Phones (6821,7800 series, 8800 series)
  • Poly SIP Phones (VVX 100,200, 300, 400, 500, 600 etc.)
  • Yealink Phones (T20, T30 T40 and T50 series)
  • AudioCodes HD 400 series

Note: for Cisco, organisations need to license the MPP firmware for each SIP phone


You can read the full annoucement here:

https://techcommunity.microsoft.com/t5/microsoft-teams-blog/enable-core-microsoft-teams-calling-functionality-on-compatible/ba-p/3030196

Cisco’s new Enterprise Agreement is great for partners and customers

I feel I must congratulate Cisco on the annoucement of their new partner and customer centric Enterprise Agreement.

Simple and Inclusive

This looks and feels like one of the simplest yet powerful subscription based licensing programmes in the channel… at a time when “other” major vendors seem to be struggling to get a model right that is fair and offers value to both customer and partners regardless of size.

Consistent across their solution portfolio

When fully available in early 2022, Cisco will make their full portfolio of services available through a single agreement rather than the current multiple EAs with different terms, rules and portals they have today. Instead the EA will cover all five of Cisco’s solution areas – application infrastructure, networking infrastructure, collaboration, security and services.

Helps make it easy for customer to buy solutions across the stack

This new EA will dramatically simplify purchasing and selling as it creates one program and one experience for everything Cisco do and aligned to their product portfolio.

For example, Cisco has been beating the drum hard with the concept of “full stack observability”, which is growing in importance in this multi-cloud centric, highly mobile and hybrid world.

To make this a reality, customers, need to buy products across multiple technology and solution stacks, including services like AppDynamnics, ThousandEyes, Intersight etc., but this new should make it much easier for partners to sell and for customers to buy.

#cisco #collaboration #ciscopartner #security #partners #customers #subscription

Microsoft buys CloudKnox, the only multi-cloud, hybrid cloud permissions management platform

After their acquisition RiskIQ just last week and ReFirm the month before, Microsoft have just annouced they are now aquiring CloudKnox, a leader in Cloud Infrastructure Entitlement Management (CIEM).

Who are CloudKnox?

Founded in 2015, CloudKnox, are the only multi-cloud, hybrid cloud permissions management platform that provide granular visibility, automated remediation and continuous monitoring consistently enforcing least-privilege principles to reduce risk. CloudKnox works with Azure, as well as the AWS and Google public clouds as well with leading virtualisation and hybrid cloud vendors including VMware.

Image displaying key features of CloudKnox
CloudKnox

CloudKnox are the leaders in Cloud Infrastructure Entitlement Management (CIEM) space and offers complete visibility into privileged access within cloud services.

What Microsoft plans to do with the CloudKnox acquisition.

In Microsoft’s most recent security blog, Joy Chik (VP of Identity at Microsoft) said:

“Modern identity security needs to protect all users and resources consistently across multi-cloud and hybrid cloud environments….Today, Microsoft is taking a significant step toward this goal with the acquisition of CloudKnox Security, a leader in Cloud Infrastructure Entitlement Management (CIEM). CloudKnox offers complete visibility into privileged access. It helps organizations right-size permissions and consistently enforce least-privilege principles to reduce risk, and it employs continuous analytics to help prevent security breaches and ensure compliance. This strengthens our comprehensive approach to cloud security.”

Joy Chik, Corporate VP of Microsoft Identity

The post (which can be read here) summarises how Microsoft will leverage the CloudKnox technology to help Security Admins with tasks such as managing privileged access in multi-cloud and hybrid cloud environment through a set of comprehensive yet simple threat assessments and prevention methods as well as ensuring security enforcement and governance.

Finally Microsoft said that the acquisition of CloudKnox will allow Microsoft to further harden Azure Active Directory with more granular visibility, continuous monitoring and automated remediation for their hybrid and multi-cloud identities, access and permissions further solidifying their market leading position in Identity and Access Management.


Windows Server and SQL 2008 and 2012 – Extended Support Options

SQL and Windows Server 2008

Extended Security Updates were made available (at a cost) by Microsoft for both SQL Server and Windows Server versions 2008 and 2008 R2 since “official support” ended but these extended support update are also now coming to an end on:

  • SQL Server 2008: July 9th, 2022
  • Windows Server 2008/2008 R”: Jan 14th, 2023 respectively.

If your organisation is still running any of these older server products in Azure then you will be currently entitled to (and receiving) 3 years of free Extended Security Updates, and Microsoft have recently announced that one more year of Extended Security Updates will be available BUT ONLY if these workloads are running in Azure.

 

SQL Server and Windows 2012

Support for SQL Server 2012 and Windows Server 2012 / 2012 R2 is also coming to an end:

  • SQL Server 2012: July 12th, 2022
  • Windows Server 2012/2012 R2 on October 23rd 2023

As with version 2008, Microsoft will be making (again at a cost) 3 years of Extended Security Updates available from your licensing partner or Cloud Solution Provider (CSP) and, as before these will be free if these workloads are running (or moved into) Azure

If you are no planning on moving these into Azure, then you’ll need to buy licences for each server instance you need to cover.

Cost for ESU are

  • Year 1: 75% of the licence cost
  • Year 2: 100% of the licence cost
  • Year 3: 125% of the licence cost

What are my options?

If you are still on Windows Server 2008 or SQL 2008, you have 3 options:

  1. Migrate the VMs/Servers into Azure for  ONE MORE YEAR of free support
  2. Migrate or Rehost apps and workloads to Windows Server and SQL Server on Azure virtual machines
  3. Modernize with Azure services such as App Service and Azure SQL Managed Instance, and never have to patch or upgrade again.

If you are Windows or SQL Server 2012, you have 4 options:

  1. Pay for Extended Support for up to 3 years
  2. Upgrade the Servers to a supported version of SQL and Windows 
  3. Migrate or Rehost apps and workloads to Windows Server and SQL Server on Azure virtual machines
  4. Modernize with Azure services such as App Service and Azure SQL Managed Instance, and never have to patch or upgrade again.

 

Further Reading and References

You can find the formal announcement here, along with the data sheet which does into more detail, as well as a FAQ from Microsoft. 

#Windows365 is here as Microsoft announces Cloud PC at Inspire2021

Windows365 is a new service that will let users access their corporate ‘cloud’ PC from anywhere by streaming a version of Windows 10 (or Windows 11 when released) in a web browser. At initial launch, (2nd August 2021), organisations have two edition options – Windows 365 Business and Windows 365 Enterprise – with multiple Cloud PC configurations in each edition based on performance needs.

Designed for the disparate and agile workforce

Windows 365 allows organisations to equip distributed workforces, temporary and seasonal employees, contractors, and employees who have a need for specialised workloads in a flexible and highly secure manner – regardless of their location or device. Windows 365 will allow organisations to add and remove users with secure managed Cloud PCs according to the changing needs of the business and of the individual user, allowing them to scale for busy periods without the logistical challenges of issuing new hardware. Cloud PCs can be scoped, and scales based on the specification/power that best meets the user need and is paid for on a simple per user per month price.

Built on Azure Virtual Desktop – runs on anything

Windows 365 is built on Azure Virtual Desktop but simplifies the virtualization experience and licensing. Organisations that require greater customization and flexibility can of course still opt for Azure Virtual Desktop to modernize their VDI (Virtual Desktop Infrastructure) in the cloud or use a combination of both. 

Windows 365 offers a consistent Windows experience, across any device/operating system including Windows, Mac, Linux, iOS, or Android. It promises to support all your business apps such as Microsoft 365, Dynamics 365, Power Platform, line of business apps, and more as well as the Office 365 suite.

It provides an instant-on boot experience that enables users to stream all their personalized applications, tools, data, and settings from the cloud across any device and allow them to pick up right where they left off. The state of a user’s Cloud PC remains the same, even when they switch devices.

Feature Support for Windows 365
Windows 365 Device Support (July 2021)

Consistent Device Management

Microsoft Endpoint Manager is used to procure, deploy, and manage Cloud PCs for their organisation, since Windows 365 is consistent with how they manage physical devices with Microsoft End Point Manager. Cloud PCs are managed alongside physical devices and can apply management and security policies to them in the same way as they do on physical devices.  There is extensive monitoring too and IT can change on the fly the specification (processor, RAM, and disk) to adjust the performance of the Cloud PC to make sure the users are getting the best experience. There’s also built-in analytics and performance metrics to look at connection health across network to make sure the Cloud PC users can reach everything they need.

Build on Zero Trust Foundation

Windows 365 is built with a focus on a Zero Trust architecture. It stores information in the cloud, not on the device, and encryption is used everywhere as you’d expect with an Azure service. All managed disks running Cloud PCs are encrypted, stored data is encrypted at rest, and all network traffic to and from the Cloud PCs is also encrypted.

Licensing Information

Unlike other virtualisation services, Windows 365 is priced on a per-user price and are allocated via the Microsoft 365 admin centre portal in the same way as other Microsoft 365 E3/E5 licenses.

Windows 365 will initially come in two flavours – Business and Enterprise, and Microsoft will offer 12 different configurations for both the editions. The Cloud PCs can be configured with a single CPU, 2GB of RAM, and 64GB of storage at the low-end, all the way up to eight CPUs, 32GB of RAM, and 512GB of storage.

A full range of available configuration and example scenarios is available here.

Windows 365 will be officially available on August 2, 2021, and pricing will be announced on the same day, though rumours say we expect pricing to start from ~£25pupm

 

There are no clouds in space… But there is Azure!

I read an article recently about Stephen Kitay – the Former Deputy Assistant Secretary of Defense for Space Policy, who is now  Senior Director at Microsoft Azure Space. It got me thinking… Firstly.. what a cool job title…. and secondly… what is Azure Space..

It’s quite cool.. Tech and Space!

Microsoft says that “Azure Space was created to be the platform and ecosystem of choice for the mission needs of the space community” . It’s designed to make connectivity and compute increasingly attainable across industries including agriculture, energy, telecommunications, and government.”

Azure Space Overview

I loved researching and sharing some of what I read. What a great project to be part of… Imagine being asked what do you at a networking event and saying “supporting customers on their space missions off and on the planet, using the power of cloud and space technology to help business across industries re-imagine solutions to some of the world’s most challenging problems”

Taking cloud-powered innovation beyond Earth with “Azure Space”.

With the enormous challenges space presents, there also comes great opportunity. The space community is growing rapidly, and innovation is lowering the barriers of access for public and private sector organizations.

Microsoft is the first hyperscale cloud service provider to join the Space Information Sharing and Analysis Center (ISAC) as a member organization and they plan to share our unique global threat insights to protect critical infrastructure and strengthen cybersecurity expertise across the space community.

What is the purpose and applications for Azure Space?

Microsoft are diligently working to make Azure the platform of choice for the mission needs of the space community, bringing our unique global threats insights to protect critical infrastructure and strengthen cybersecurity expertise in the space industry“.

But…. Its not just about sticking Azure in space stations and shuttles.

Putting compute, data and AI into space makes connectivity and compute increasingly more attainable and accessible across the globe and has huge benefits across industries such as agriculture, energy, telecommunications as well as across the public sector and in particular in regions where traditional connectivity and access to compute is more sparse. Third and developing world nations will also hugely benefit. “ our ambition is to grow the entire world community, which is the basis for Azure Space.”

OK so what is Azure Space though?

Azure Space is basically a set of innovative service offerings, a new partner ecosystem and a global strategy focused on specific core areas to addresses never-before-seen security challenges. Azure Space is made up of 3 main things..

Azure Space Components Overview

Azure orbital

Azure Orbital is a Ground Station As-a-Service that provides communication and control of a satellite and enables satellite operators to communicate with and control their satellites, process data, and scale operations within Microsoft Azure.

Azure Orbital brings satellite data directly into Azure, where it can immediately be processed with market-leading data analytics, geospatial tools, machine learning, and Azure AI services.

In essence Azure Orbital will allow  organisations/providers of “space connected stuff”, to take full advantage of the Microsoft’s global network and services infrastructure to build new product offerings and services with the edge, 5G, SD-WAN, and AI.

Azure Modula Datacenter

 The Azure Modular Datacenter (MDC) is a complete, rugged datacenter solution for organisations/servjce providers that need cloud computing capabilities in hybrid, sparse or challenging environments like space.

Microsoft designed the MDC to support high-intensity, secure cloud computing in challenging environments, such as situations where critical prerequisites like power and building infrastructure are unreliable. Built on Azure Stack(r), it is a self-contained unit the provides the capability to deploy a complete datacenter to remote locations, or to complement existing infrastructure. The MDC runs primarily on terrestrial fiber, low-bandwidth networks, or be completely disconnected.

Azure Orbital Simulator

With space mow opening up to more commercial and government space organisation, the pace and demand of developing interconnected satellite networks increases exponentially.

To aid with this, Microsoft have created Azure Orbital Emulator, an emulation environment that conducts massive satellite constellation simulations with software and hardware in the loop. This allows satellite developers to evaluate and train AI algorithms and satellite networking before ever launching a single satellite reducing cost, time and money as well as human safety naturally. With Azure Orbital Emulator, Azure can emulate an entire satellite network including complex, real-time scene generation using pre-collected satellite imagery for direct processing by virtualized and actual satellite hardware.

“The Goal of Azure Orbital Emulator is to aid the preparation of space missions with the power of Azure.”

Azure Orbital Emulator is already being used Azure Government customers globally.

Credits and further reading

Some of the content here is referenced/quoted from the full comprehensive report. https://www.helpnetsecurity.com/2021/07/13/microsoft-azure-space and on twitter at @helpnetsecurity. Much of the information comes from Microsoft Azure blogs referenced below.

For further reading (it’s quite interesting) you can read Microsofts official blurb and ongoing updates here.

Registration open for ‘virtual’ Microsoft Inspire 2021 partner event.

Microsoft has opened registrations for this years Inspire 2021 virtual conference, which will be held on July 14th and 15th.

Microsoft Inspire is Microsoft’s largest (and global) annual partner event and as usual features several high-profile global execs including CEO Satya Nadella and EVP of Worldwide Commercial Business Judson Althoff.

What might we hear about?

Last year, there was huge news and updates around Azure,  Microsoft Teams, Microsoft Edge as you’d expect with also a focus on new services such as Microsoft Lists, and Power Automate Desktop.

This year we can expect to hear some new enhancements and updates and I expect to see a focus around the recently(ish) announced Microsoft Viva along with more updates around Windows (following the event on the 24th June) and probably some new things none of us are expecting… .

You can register for Microsoft Inspire 2021 on this page with your Microsoft account, Office 365, LinkedIn, or GitHub account.

See you there Microsoft partners…

Windows Virtual Desktop becomes Azure Virtual Desktop

Microsoft announced today that they are rebranding Windows Virtual Desktop (WVD) to Azure Virtual Desktop (AVD).

In the annoucement, Microsoft also said that a number of new enhancements (some of which have gone into public preview from today) are coming, which are part of the wider and longer term vision and the changing needs of customers. In the annoucement Microsoft said that the COVID19 pandemic has resulted in organisation moving rapidly to Windows Virtual Desktop for “secure, easy to manage, productive personal computing experience with Windows 10 from the cloud”.

Improved Azure AD Support

Azure Virtual Desktop will support the ability for users to domain join their virtual desktops directly to AAD using just their credentials. They are also fully removing the need for organisations to need Windows domain controller allowing Azure AD as the only or primary authoritive directory service.

Azure Virtual Desktop will also add further support for secure sign on and single sign on, bringing support for smart cards and FIDO2 keys

Another feature now out in public preview is the ability to enroll and manage Windows 10 Enterprise multi-sessions virtual machines through Endpoint Manager just like admins would for physical machines. This further improves the process of managing both physical and virtual desktops using the Endpoint Manager admin center.

Enhanced Endpoint Manager support.

Microsoft have said they are also adding support for IT to be able to automatically enroll these virtual machines using Microsoft Endpoint Manager (formerly Intune), bringing a much more “streamlined” deployment and management experience.

Also coming soon (and in public preview from today) is the ability to be able to enroll and manage Windows 10 Enterprise multi-sessions virtual machines through Microsoft Endpoint Manager in the same way that physical devices are managed today. This closes the management gap and streamlines the process of managing both physical and virtual desktops using the same Endpoint Manager experience.

New QuickStart Experience

Microsoft said that new deployment onboarding experience which will be available soon (in preview first naturally). This is designed to help organisations initiate fully automated deployments from the Azure portal using just a simple wizard style process.

New “per user” pricing model

Yes.. As it pricing and license wasn’t complicated enough, there are new pricing options coming for organisation to leverage Azure Virtual Desktop VDI and streamed applications in the form of a true SaaS based model.

To make this simpler, Microsoft have announced a new monthly per-user pricing

This new pricing will launch on January 1st, 2022, and will be $5.50 per user per month for apps, and $10 per user per month for apps plus desktops.

A launch promo will mean organisations will be able to use Azure Virtual Desktop for streaming first-party or third-party applications to external users at no cost from July 14, 2021, to December 31, 2021, after which they will need to keep paying for the underlying Azure infrastructure.

You can read about the pricing options here.

The biggest announcements from MSFT Ignite 2021

So, it wouldn’t be a Microsoft event (#MSIgnite) without a handful of “wow” demos, updates, and new products announcement both in preview and GA across Teams, the wider Microsoft 365 platform, Azure, Windows 10 and Power Platform, but without doubt the biggest “thing” to happen at Ignite this year was Mcirosoft Mesh.  Anyway, here’s my 

As in previous years), Microsoft have published their “encyclopaedia” if you like, of Ignite (the #BookOfIgnite ) which covers all the announcements in detail along with links to blogs and tech articles.

This post, on the other hand is a summary of my personal “top 3” announcements across each of the core solution areas. Of course, depending on your role, line of business and priorities, and interests, you will have your own favourites so feel free to let me know yours in the comments.

 

Microsoft Mesh

This stole the show from the moment the keynote started and was without question the biggest news of Ignite 2021. Much of the keynote and later sessions were available to watch live AltSpace VR in both Mixed and Virtual Reality. Mesh is Microsoft’s new Mixed Reality Platform which is designed to allow people who are in physically various locations to join collaborative and shared holographic experiences across many kinds of devices.

The business case for Mesh builds upon the success of HoloLens 2 and is designed (and was highlighted) for organisations to let their teams joined shared virtual spaces for collaborative meetings, where everyone will appear as virtual avatars (reminds me of the holograms in the StarWars). Microsoft say that their target audience is both enterprise and commercial customers. Microsoft Mesh can be accessed through an updated version of AltSpace VR, which is Microsoft’s VR platform. Microsoft Mesh will be coming to HoloLens via a dedicated app and solutions built through Mesh by developers will also be able to be tailored/supported to Windows Mixed Reality, PCs, Macs, Smart Phones, and headsets like Oculus.

Microsoft Teams

Teams Ignite Features
Highlight of new Teams Meeting Features

 

Always needing its very own category, my top 3 in this category are:

1. Improvements for Teams Meetings and Live Events.

    • Teams can now be used to create and run fully interactive webinars for up to 1,000 attendees and will also support webinars with up to 20,000 attendees from later this month. This will also be included for any customer with Office 365 E3 and more without any additional licenses or cost.
    • Dynamic View for Teams meetings will be released next month and is all about ensuring more inclusive and natural meetings for remote/hybrid meetings making them more engaging. Dynamic view uses AI to adjust elements of the meeting to allow for display different modes such as charts, chats, etc next to video feeds as well as an overlay of presenter video and presentation space.
    • Improved privacy and security in meetings – with meeting-only meeting controls and end-to-end encryption in one-to-one calls.
    • PowerPoint Live in Teams is available now. The much-requested feature combines slides, notes, and meeting chat in a single view to help make presentations easier for speakers and presenters and to make them more engaging for attendees.

2. Teams Connect

A new channel-sharing feature coming to Teams “later” this calendar year. This will enable users to share channels with anyone, internal or external. Unlike guest access, the shared channel will appear within a user’s primary Teams tenant, alongside other Teams channels meaning that “multiple organisations can share a single channel” that all members can then access from their own Teams environments. Channel sharing seems is great for scenarios where multiple organisations are collaborating on a specific project for example. Guest Access isn’t going anywhere and is still relevant as this is more suited to situations where an external organisation or person needs broad access to data, meetings, and information, beyond just a specific channel. This is currently in “private preview”.

3. Teams Calling Updates

  1. Direct Routing and Survivable Brach Appliances: With the explosion of customers enabling and migrating to PSTN calling in Teams from traditional IP PBXs, the use of Direct Routing grown 8-fold, Microsoft announced several new certified Session Border Controllers (SBC) for Direct Routing, with 6 new SBCs completing certification in just the past 3 months. Additionally, to add resiliency to the most critical locations, Survivable Branch Appliance (SBAs) are now generally available, enabling PSTN calling in the event an outage does not allow the Teams client to directly connect to Microsoft 365 global services.

  2. Operator Connect Conferencing brings an “operator-managed service” that provides “bring your own operator” for conferencing, meaning customers can keep their preferred operator contracts in place as they migrate their PSTN infrastructure to the cloud. This also allows additional geographic dial-in coverage, enhanced support, and reliability with locally agreed technical support and SLAs. This enters private preview from June, with the initial wave of qualified partners, including BT, Deutsche Telekom, Intrado, NTT, Orange Business Services, and Telenor.

  3. New Cloud Calling Plan Countries were also announced, with Microsoft native calling plans coming to 8 new markets from April 2021 including New Zealand, Singapore, Romania, Czech Republic, Hungary, Finland, Norway, and Slovakia, bringing native Microsoft Teams Calling Plans to 26 markets across the globe.

    Teams Calling Countries - April 2021

Identity, Security & Compliance

1. Identity

Focusing on helping organisations deliver on their Zero Trust strategy including, 

    1. Password-less authentication which is now “generally available” for cloud and hybrid environments meaning customers can move towards a truly password-less world leveraging multi-factor authentication and risk based conditional access to provide just in time, assume breach, challenge everything approach to identify and access management without the need for passwords.

    2. Azure AD Conditional Access now uses authentication context to enforce more granular policies based on user actions across the applications they are using or the sensitivity of data they’re trying to access.

    3. Azure AD verifiable credentials will be in public preview later this month. Verifiable credentials allow organisations to confirm information without collecting or storing personal data, improving security and privacy.

2. Security announcements

A wealth of announcements here as well, all of which will further strengthen, Microsoft’s commitment to deliver the absolute best security protection, detection, and response for all clouds and all platforms:

    1. Azure Sentinel now seamlessly integrates with Microsoft 365 Defender with shared incidents, schema, and user experiences to simplify investigations for a totally aligned view and remediation surface.
    2. Endpoint and Office 365 defender capabilities are now also integrated into the Microsoft 365 Defender portal.

    3. New Threat Analytics experience within the Microsoft 365 Defender portal provides a set of reports from expert Microsoft security researchers designed to help customers understand, prevent, and mitigate active threats, like the recent Solorigate / SolarWinds attacks.

    4. The Secure-core services that are now build into Surface devices (and other leading Windows 10 devices) is also coming to Windows Server and Azure edge devices to help minimise risk from firmware vulnerabilities, attacks, and advanced malware in IoT and hybrid cloud environments.

3. Compliance announcements

    1. Co-authoring of Microsoft Information Protection-protected documents will be available in “public preview” from this week. This in my experience the number one blocker of being able to properly deploy organisational wide information protect across SharePoint sites, Teams, and individual documents since currently (well, prior to this announcement) it was not possible to co-author docs that were encrypted which makes most of the power of Modern Office 365 and co-authoring useless. This feature helps significantly close the gap between security and productivity.

    2. Microsoft Azure Purview was announced in more detail. Purview provides new cross-platform support and deeper insight into data classification and protection across structured and un-structured data across on-premises, data bases, Microsoft Cloud and third-party services including Google and AWS – it’s Azure Information Protection on steroids!

    3. Microsoft 365 data loss prevention (DLP) now supports Google Chrome browsers and on-premises file shares and SharePoint Server as well as SharePoint Online and of course Microsoft’s Edge (Chromium based) browser.

    4. Microsoft 365 Insider Risk Management Analytics was released into public preview.

Power Platform

1. Power Automate Desktop was made free!

This is really really big news for any organisation that is looking, using, or intending to use Robotic Process Automation (RPA).  Power Automate Desktop is a an “attended Robotic Process Automation” solution which is a macro recorder on steroids. You can download it now if you want to try it. It will be available first for #WindowsInsiders to try (built into Windows 10), however it will eventually be rolled out to Windows 10 as a core product (most likely as an optional feature). Until now, a per user for month for the tool would cost about £12 a month. Power Automate currently has circa 400 actions to help build flows across different applications and the best part is that it enables you to build your own scripts to automate time consuming repetitive tasks which saves time and money. Microsoft’s goal here is to “democratise the development for everybody with Power Platform” by making no-code/low-code accessible to everyone not just developers.

2. PowerFX (a new low code programming language) was announced.

PowerFx is a low code programming language that is based on the foundation of the Microsoft Power Apps canvas. What’s great is that since Power Fx is based on Microsoft Excel, it will naturally be a great fit for a wide range of people since it will leverage skills, they “many” already know and becomes a common ground for business users and professional developers alike to express logic and solve problems. Microsoft also said they were planning make Power Fx, open source, making the language available for open contribution by the broader community on GitHub.

3. Dynamics 365 now seamlessly integrates with Microsoft Teams

This ensures conversations, calls, meetings, and chat will be available across dynamics 365 – within opportunities, sales, marketing, finance, and operations.

Windows 10

Windows 10 usually gets a backseat at Microsoft Ignite (as it typically focusses on cloud services and new things), but this year, there were some things which resonated.

1. Power Automate Desktop

As discussed above, Power Automate Desktop was announced and will be free for all Windows 10 users including Windows 10 Home and Pro and not just to Enterprise users. You can read more about this above.

2. Windows 10 in Cloud 

Simply put, cloud configuration is a Microsoft-recommended device configuration for Windows 10, cloud-optimised for users with specific workflow needs. IT admins use Microsoft Endpoint Manager to apply a standard, cloud-based, easy-to-manage configuration of Windows 10 to a selected set of new or existing devices. The configuration works on devices running Windows 10 Pro or Windows 10 Enterprise and may be appropriate for workers who only need a limited number of IT-curated and approved applications to meet their targeted workflow needs. User accounts are registered in Azure Active Directory and devices are enrolled for cloud management in Intune, so they are automatically updated with continuous product and security updates.

Microsoft announced that the newly announced Windows 10 in Cloud has now been integrated into Microsoft Endpoint Manager, which will make it even easier to provide a secure device configuration regardless of the type of worker. Microsoft also made a full “Windows 10 in cloud configuration overview and setup guide” available which is designed to help solution integrators, partners, and internal IT teams to apply a uniform, secure and easy-to-manage cloud-based configuration of Windows 10 Professional or Enterprise devices.

3. New version of Windows 10 Perhaps?

Well maybe! During a Fireside chat session at Ignite, Surface and Windows Lead, Panos Panay “teased” of some major updates and design changes coming to Windows. Windows 10 Insider LogoThese were very much hints and teases than any firm commitments but talked a lot about the fact that Microsoft has not “talked about the next generation of Windows for a while” and that he was “so pumped” for it – ending with “it’s going to be a massive year for Windows.”


Written: 05 March 2021

Microsoft announces “Cloud for Healthcare” at #MSBuild2020

As Microsofts’ annual dev conference Build opened today (May 19 2020), Microsoft announced the launch of the Microsoft Cloud For Healthcare, — a new Microsoft Industry Cloud solution.

Microsoft said that the solution aims to integrate Microsoft Cloud with an “industry-specific data model” “cross-cloud connectors,” and APIs to better help serve the global healthcare industry.

Global capabilities uniting the healthcare industry

The Microsoft Cloud for Healthcare wi bring together capabilities from across many Microsoft Cloud Services 365. This includes Microsoft 365, Dynamics 365, Power Platform, and if course Azure. This will be powered by a common data model which will allow the sharing of data across various applications to provide better analytics. Microsoft say that this will allow health providers globally to provide better services for patients, clinicians and doctors by helping make it easier to deploy resources to the needs of all hospital and care units.

For example, Cloud for Healthcare, will focus on what Microsoft has identified as important needs for the field, like engaging patients, facilitating health team collaboration and improving operational efficiency, all with strict security measures.

Sample Health App powered services


Of course, an important component of healthcare is aftercare, where medical professionals need to keep in touch with their patients to follow up on their recovery and any post opp treatment, tools available to do so are generally limited to follow-up phone calls and emails, which are not only tedious but can sometimes not meet security standards or provide the best care.

Microsoft’s Healthcare Bot Service will be available as part of this service, which Microsoft say is behind more than 1,500 instances of COVID-19-based bots that have gone live globally since March 2020. These bots can help alleviate the strain on emergency hotlines for public and provide health providers while addressing common questions that patients might have.

Availability

Microsoft has said that a public preview will be coming in coming days and will be free for 6 months for evaluation, with general availability bringing late this calendar year.

Microsoft has also said that although the healthcare industry will be “first served” with the solution, they also promised that more industry-specific clouds solutions will follow.

Thoughts..

What do you think.. Is industry specific Cloud solutions a good next step for Microsoft?