Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET
Microsoft Azure

Everything You Need to Know About Azure Infrastructure – December 2020 Edition

Happy new year! I’m writing this article at the end of my first day back at work since November. I have barely looked at any work-related stuff in the last month. Writing this article will give me a chance to catch up with thing.

App Service Anti-Virus Logs in Public Preview

Microsoft has announced that Anti-Virus Logs for App Services are in public preview; This feature has been requested for years and will make a lot of Azure customers (or prospective customers) happy. Once a day, at a time you cannot currently control, Windows Defender will scan your Windows or Linux App Service content for malware. The scan logs can be sent, using Diagnostics Settings, to the usual destinations of Blob storage, Log Analytics (useful for reporting and Azure Sentinel), or external systems via Event Hub.

There are some limitations to Defender scans for App Services:

  • Only App Services with under 1 GB of content can be scanned.
  • Web Apps with less than 10,000 content files will be scanned.
  • Only the Premium and Isolated App Service tiers are supported.

The Premium SKU is quietly becoming the main SKU, supplanting the Standard SKU – the Premium SKU is required to use Private Endpoint.

Sponsored Content

Say Goodbye to Traditional PC Lifecycle Management

Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.

End of Support for IE 11 with Azure Portal

This is a short but important story. The Azure portal is to end support for Internet Explorer 11 on March 31, 2021. Your choices for replacements are:

Other Announcements from Microsoft

Azure Storage

Networking

Azure Virtual Machines

App Services

Azure Resource Manager

Management

Azure Security Center

Miscellaneous

Microsoft Naming

Microsoft is great at naming products. No – wait – no, they are pretty rubbish. Remember when Surface was a table and then it was a tablet? Or how about “Azure Database for MySQL Server”? The since-abandoned Forefront security product range? Or how about (breathes in) System Center Virtual Machine Manager Self-Service Portal 2.0 Service Pack 1, or SCVMMSSP 2.0 SP1 for short? Or Cortana everything?

I thought that Microsoft Azure was doing a pretty good job on naming. If you need DNS, you can use Azure DNS. If you need a firewall you can use Azure Firewall. If you need a VM, you use VMs – but which one?

Once upon a time, VM naming in Azure was simple – once you understood the system. The first (capital) letter denoted the series, often a slightly veiled reference to the origins or typical use case of the machine, for example, A was the first, D stood for disk or database, G for Goliath (it was the biggest), M for massive, and so on. Then that got expanded to include a specialization – NV for Nvidia virtualization, NC for NVIDIA compute, and so on.

A number originally indicated an ordering of the sizes in that series, but later became a reference to the number of cores or virtual processors (depending on the series) in the VM size.

Finally, some lower-case letters indicated special host hardware features – s for Premium SSD support, r for RDMA networking, i for isolation (the only VM on the host), and so on.

So, if you told me that you were using a Standard_H16mr then I knew:

  • It’s a H-Series for high-performance computing (HPC)
  • There are 16 cores
  • It has more memory than usual for the 16-core size
  • The machine has an additional RDMA NIC for low latency & high throughput transfers

Microsoft has announced that the NCas_T4_v3-Series VMs are now generally available. What’s that now? That’s a great question. The naming of Azure VMs has gotten out of control. I get that more specializations are required but this is getting like the old days when you tried to track IBM PC models in an enterprise – 10,000 identical looking machines, and 100+  models with different components, each requiring their own Ghost image (do you oldies remember that nightmare?).

Microsoft has always sucked at naming their products. The term “Defender” about as meaningful as “bread” in a supermarket. I really hope what we are seeing in Azure VMs doesn’t spill over into the rest of Azure and products become random letters in the alphabet or named after some managers home town.

Related Topics:

BECOME A PETRI MEMBER:

Don't have a login but want to join the conversation? Sign up for a Petri Account

Register
Comments (1)

One response to “Everything You Need to Know About Azure Infrastructure – December 2020 Edition”

  1. <p>100% agree on the naming! Another couple great frustrations with their naming:</p><p><br></p><ul><li>Using super generic names like "word" and "teams": good luck trying to filter out the crap when searching for an issue specific to teams in Teams!</li><li>Applying one brand name to many, sometimes disparate things (.NET! Skype/Skype for Business!). Having a brand umbrella is great, but the mistake often Microsoft makes is taking an existing product's name, then making that <em>product </em>name into the <em>brand umbrella</em> name (a common theme: whenever they have a hit, everything revolves around it). Again, good luck filtering out the crap when searching or avoiding confusion when discussing.</li></ul><p><br></p><p>And as you mention Defender, they've taken that brand umbrella naming mess and cranked it to 11. First was Defender ATP, which usefully distinguished Defender and Defender ATP. Then they started using ATP as an umbrella: Azure ATP, O365 ATP, etc. A good umbrella term, but muddied the waters somewhat for Defender ATP. But now, they're back-tracking and dropping ATP, and worse still, calling everything simply "Defender"–Defender for Endpoint, Defender for O365, etc. Now there's no "ATP" to distinguish Defender ATP from Defender as they're now the same, and don't expect people to use "Defender for Endpoint" in forums, etc. when searching, or even for Microsoft themselves to use the terminology consistently, whether in conversations, blogs, videos, or even official documentation (though their has documentation has gotten noticeably better; more consistently-used timestamps are greatly appreciated). </p><p><br></p><p>These are egregious and easily avoidable branding mistakes. Ugh!</p>

Leave a Reply

Aidan Finn, Microsoft Most Valuable Professional (MVP), has been working in IT since 1996. He has worked as a consultant and administrator for the likes of Innofactor Norway, Amdahl DMR, Fujitsu, Barclays and Hypo Real Estate Bank International where he dealt with large and complex IT infrastructures and MicroWarehouse Ltd. where he worked with Microsoft partners in the small/medium business space.
Live Webinar: Active Directory Security: What Needs Immediate Priority!Live on Tuesday, October 12th at 1 PM ET

Attacks on Active Directory are at an all-time high. Companies that are not taking heed are being punished, both monetarily and with loss of production.

In this webinar, you will learn:

  • How to prioritize vulnerability management
  • What attackers are leveraging to breach organizations
  • Where Active Directory security needs immediate attention
  • Overall strategy to secure your environment and keep it secured

Sponsored by: