The right way to AI: what we’re learning from customers  

This article is contributed. See the original author and article here.

We want to help everyone navigate this new world of work. At Microsoft, we’re taking a learn-it-all approach with Copilot, working alongside our customers and employees to understand what the organizations getting the most value out of Copilot are doing right.

The post The right way to AI: what we’re learning from customers appeared first on Microsoft 365 Blog.

Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.

What’s New in Microsoft Teams | January 2024

This article is contributed. See the original author and article here.

In our January 2024 edition of What’s New in Microsoft Teams, we are highlighting 33 new features and enhancements to Microsoft Teams. These updates will help you collaborate more effectively, streamline workflows, and stay connected with your team. Keep reading to find out more about the latest updates and how they can help you and your organization. From new enhancements to meetings to improvements in chats, Teams Phone, Teams Devices, Platform, and Frontline Workers, there is something for everyone.


 


Some of my favorite features are Immersive Spaces and Decorate your Background. Immersive Spaces lets you transform your meeting into a 3D immersive experience by allowing your team to join a pre-built immersive space by selecting the view menu in a Teams meeting. Decorate your Background uses AI to decorate and customize your real-world room, such as by removing clutter or adding plants to a wall. And this month we announced that Intelligent recap is included with Copilot for Microsoft 365, so users with a Copilot license will now also have access to Intelligent Recap in Teams even if they do not have a Teams Premium license.

And every month we highlight new devices that are certified and ready to use for Teams. You can find more devices for all types of spaces and uses at aka.ms/teamsdevices.


 


Please check out all the updates and give me your feedback! I’ll try to reply and answer questions as they come up.


 


  • Chat and Collaboration
  • Meetings
  • Virtual Appointments
  • Teams Rooms and Devices
  • Teams Phone
  • Mobile
  • Collaborative Apps
  • IT Administration and Security
  • Frontline Worker Solutions

Chat and Collaboration


Forward chat messages
Forward chat makes it easier to get your work done with fewer clicks. Share a message with another colleague by right clicking the message and selecting “forward” or by clicking the “…” on the message and then “forward”. You can also add additional context to the message to provide greater clarity for the recipient. Messages can be forwarded to 1:1 chats and group chats.



Meetings


Mesh in Microsoft Teams
To support hybrid work and geographically distributed organizations, we created Microsoft Mesh and integrated it right into Teams.


Mesh in Teams transforms your Teams meeting into a 3D immersive experience using next-generation technology that helps virtual connections feel more like face-to-face ones.


 


Getting started is easy. From the View menu in a Teams meeting, select the immersive space (3D) option, and enter a pre-built immersive space where you can connect and collaborate with others in 3D and with those in the standard 2D meeting experience. Whether you choose to use Mesh in Teams for a team social gathering, a brainstorming session, or a round-table discussion, you can use the same Teams features you love from within a 3D space, like accessing shared content for collaboration, communicating with Teams chat, and using live reactions to express yourself.


 


Mesh in Teams enhances your favorite Teams features by making you feel like you are physically co-located with others. Being in the same 3D environment creates a strong feeling of togetherness, or co-presence. This co-presence can spark spontaneous moments of dialogue and strengthen the bond of a shared experience. Visual and audio cues enable a sense of immersion that help keep you in the moment and eliminate external distractions. Spatial Audio and audio zones enable you to have multiple, simultaneous conversations and communicate effectively in subgroups without talking over each other – just like in the physical world.


 


Mesh in Teams is available with core Teams licenses. Organizations can also host larger events with custom, immersive experiences tailored to their needs with Microsoft Mesh, available through Teams Premium.


 


Learn more about Mesh in Teams.



 


Intelligent recap included with Copilot for Microsoft 365 License
If you have a Copilot for Microsoft 365 License you now have intelligent recap for Teams included in your license. Use intelligent recap after meetings to get a summary of the meeting. This summary includes personalized timeline markers to easily browse recordings by when you joined or left, when a screen was shared, and when your name was mentioned. You can also browse recordings by speakers, chapters, and topics as well as access AI-generated meeting notes, tasks, and go to name mentions in the transcript.


 


Decorate your background
Make meetings more fun and personal with Decorate your background. Meeting participants can now use generative background effects in Teams to show up their best – even when the space they’re working from isn’t at its best. With Decorate your background, meeting participants can use the power of AI to generate a background that decorates and enhances their real-world room, such as by cleaning up clutter or adding plants to a wall. This capability is available for users with a Teams Premium license.



People specific link support for Collaborative notes
With the launch of Collaborative notes, we are making meetings more effective and secure by using a new link type created by Collaborative notes. The new Collaborative notes component will generate a People specific link (PSL) by default. This link type offers more controlled access than a Company specific link (CSL) and aligns with tenants who have their file-sharing policy set as specific people. Tenants who previously had Collaborative notes disabled due to lack of PSL support can now enable and use the feature.


 


Automatically view up to 9 videos (3×3) in Teams meetings in Chrome and Edge
With this update, you will now be able to automatically see up to 9 videos (3×3) on Chrome and Edge on your screen by default without an explicit action. Previously, Microsoft Teams Meetings supported a maximum of 4 videos (2×2) on the screen by default on web browsers.


 


Simplified audio and video controls
Audio and video fly-outs in meetings are designed to make it easier and more efficient for you to manage your audio and video settings during Teams meetings. Now, when you want to select your camera or mic device, you can choose the right device directly from the fly-outs. You can also adjust the volume, spatial audio, and noise suppression controls from the audio fly-out. If you didn’t select your background during the pre-join screen, you can easily change your background directly from the camera fly-out. We’ve also made avatars accessible from the camera fly-out so you can use avatars in meetings. You can also adjust brightness and soft focus from the camera fly-out.



Virtual Appointments


Assign staff and set duration for on-demand Virtual Appointments
Scheduling administrators and staff managing on-demand appointments can assign specific staff members and set appointment duration to handle on-demand services. This ensures that when an on-demand appointment is requested, there is a designated staff member assigned to the appointment and the duration of the appointment will be determined. The designated staff member also receives a notification to attend the on-demand appointment. This capability is available for users with a Teams Premium license.



SMS notifications in Virtual Appointments template
SMS notifications are available for appointments set up and scheduled using the virtual appointments template within the Teams app to improve the attendees’ appointment experience. Attendees will receive SMS text notifications about their appointment, including appointment details and the meeting join link so they can join directly from mobile if desired. Text notifications are sent for appointment confirmation, updates, and a reminder 15 minutes before the appointment begins. This capability is available for users with a Teams Premium license and is available for users in Canada, United Kingdom, and United States.



Teams Rooms and Devices


Find Certified for Teams devices for all types of spaces and uses at aka.ms/teamsdevices.


 


Newly certified for Teams AVer VB350
With a Hybrid 18X Zoom for Medium & Large Rooms
With a streamlined design, dual 4K lenses, seamless lens switching, upgraded audio technology, and simple setup, the VB350 is the ultimate all-in-one solution for next-level video meetings. Level up to premium audio and video by using this powerful new video bar in your mid-to-large conference rooms. Learn more about AVer – VB350.



Newly certified for Teams Lenovo ThinkSmart 180
This premium conference bar delivers superior audio and visual experience featuring a modern form factor and best-in-class AI-accelerated performance. This stylish and easy-to-set-up meeting room bar will transform your small and medium-sized meeting rooms into next-generation collaboration spaces in no time at all. Impressive AI features follow the conversation, adjusting the view and audio to allow remote participants to feel like they’re sitting around the table, even if they’re across the world. Learn more about Smart Collaboration | Lenovo Tech today.



AudioCodes RXV200-B20 bundle is now certified for Teams
The RXV200 bundle is designed to deliver an optimal hybrid meeting experience for focus rooms and includes the RXV200 intelligent A/V hub, the RX-PAD touch room controller, the RXVCam50 camera and RX15 speaker. The RXV200 is an Android Microsoft Teams Rooms device that orchestrates multiple audio and video peripherals to deliver an optimal hybrid meeting experience for all participants wherever they are located. The RXV200’s modular design supports content sharing, allowing participants to connect their personal devices via an HDMI cable, as well as dual screens and a wide range of AI capabilities. Learn more about AudioCodes RXV200 bundles.



AudioCodes RXVCam10-CC
AudioCodes RXVCam10-CC content camera is now certified for Teams. The RXVCam10-CC enables whiteboard content to be easily shared between physically present and remote meeting participants. In conjunction with Microsoft Teams AI content enhancement capabilities, the RXVCam10-CC simplifies team collaboration and brainstorming in hybrid meetings. Leveraging Microsoft Teams AI, the RXVCam10-CC offers intelligent whiteboard detection and automatically adjusts the frame to include the entire whiteboard. It also offers additional content enhancements such as image sharpening, contrast adjustment and overlaying a transparent view of the presenter. The RXVCam10-CC is designed for durability and is easy to install in any meeting room thanks to its adjustable whiteboard mount accessory.
Learn more about RXVCam10-CC.



Management of BYOD (Bring your own device) meeting spaces with Teams Rooms Pro Management
The ability to view BYOD (bring your own device) rooms in the Pro Management Portal provides IT admins with a comprehensive overview of their BYOD rooms’ utilization and activities. With this new addition, IT admins will gain valuable insights into how these spaces are being utilized, enabling them to make data-driven decisions.


 


New Shared display mode for BYOD meeting rooms
The new shared display mode provides you the ability to extend your Teams meeting via a pop-out and view-only version of the stage onto the TV screen in BYOD meeting rooms. This mode ensures the meeting content is extended to the front of the room for others to see and provides you the peace of mind that your desktop is for their viewing only, minimizing the personal information others in the room can see.


 

 


Teams Phone


New partner integrations for Teams Phone contact center
The Teams Phone contact center and compliance recording certification programs ensure that contact center and compliance recording solutions work smoothly and dependably with Teams by requiring them to pass third-party testing. We have recently certified two new ISV partners, BrightPattern and CenterPal. With these additions we now have 24 Contact Center certified solution partners and 13 Compliance Recording certified solution partners, and there are many more on the way.


 

 


Mobile


Updates to mobile in-call user experience
Improving your access to calling features with a new and improved user interface during calls.


 


Live meeting status for mobile
On mobile devices, Teams calendar shows the live status of a meeting with the pictures of the people who are on the call, if the meeting is being recorded and how long the meeting has lasted.


 


Play Azure protected voicemail in mobile Teams app
You can now use a link to get to your Azure protected voicemails from the Teams App. You will see a notification for the voicemail on the Teams App and can click the attached link to open the voicemail on the web browser.


 


Collaborative Apps


1Page
The 1Page app is the all-in-one productivity tool that creates a platform to empower sales professionals by connecting them with data, insights, and even prospective or existing customers. Now, with a co-pilot plugin, streamlined data and real-time insights can be accessed from the 1Page app with conversational language prompts across the Microsoft 365 ecosystem.


 


Alvao
Alvao for Microsoft Teams automates routine processes, boosts team productivity, and helps users focus on key projects. With the latest extension into Microsoft 365 applications, tickets opened in Outlook can more easily connect with an agent. The app helps with logging chat messages to tickets, creating a simple-to-track list of tickets to solve, and gives agents the ability to take and resolve tickets immediately.


 


Calm
Calm for Microsoft Teams integrates the #1 app for sleep, meditation, and relaxation into your everyday workflow. Calm’s mindfulness content helps you feel more relaxed, productive, and connected by allowing you to engage with more than 3,000 Calm sessions within the Teams interface. This includes content to prepare for key moments at work, music to help focus, breathing exercises, movement, and more. You can access mindfulness sessions for yourself or with others during meetings, share mindfulness content via chat, and set reminders for mental health breaks to help reduce stress and anxiety, reset, refocus, and build resilience.



Planning for Educators
Planning for Educators gives users the tools to streamline the planning process in Microsoft Teams so they can spend more time focusing on teaching. This flexible planning tool allows educators to organize and manage class resources including lesson plans, assignments, files, videos, and links. Students can also benefit from Planning’s comprehensive visual timeline and content made more accessible through Microsoft’s Immersive Reader.

SYNQ Frontline Hero
The SYNQ Frontline Hero app brings SYNQ’s retail services to Microsoft Teams to connect retail store staff with customers at the speed and convenience of Teams. Staff can use this to efficiently manage in-store and curbside pickup orders, quickly answer customer queries in chat, and respond to requests for staff assistance or customer service.


 

 


IT Administration and Security


Configure maintenance window for Teams devices
Within the Teams Admin Center, admins can set up the time windows for their Teams devices maintenance. These time windows will be used for performing any device maintenance tasks, such as automatic updates.


 


Extended real-time telemetry retention for up to 7 days
Admins in Teams admin center can troubleshoot meeting quality more efficiently thanks to real-time telemetry that is available for an extended period (up to 7 days following the conclusion of a meeting) for users with Teams Premium licenses. This helps admins find and solve quality issues with detailed telemetry after the meeting for up to 7 days. This feature is available with a Teams Premium license.


 


Microsoft Teams admin center – external domain activity report
Teams administrators can see which managed domains their users interact with using the external domain activity report. The report will surface the list of domains that your tenant has communicated with via managed communication, and how many internal users have been part of that communication. This report is available for those with open federation on and those with explicit allow lists.



Watermark support for recording playback
Watermarked meetings can now have recording enabled. A watermark with an email ID will show up during the playback of the recorded meeting. After a meeting is over, users can view the recorded content with watermarking on web and mobile platforms. This feature requires a Teams Premium license.


 


New Meeting Option and Meeting Policy ‘Turn off copying or forwarding of meeting chat’
A new meeting option called ‘Turn off copying or forwarding of meeting chat’ lets the meeting organizer disable the ability to copy and share meeting chat messages for participants to prevent data leakage. With this restriction on, meeting participants will not be able to copy chat messages using the menu option or keyboard shortcut, forward messages, or share messages to Outlook. Admins can control whether an organizer can use this feature in the Meeting Options page by using Meeting Policy setting in Teams admin center. Admins can also choose the default value for this meeting option in Meeting Templates they create. This feature requires a Teams Premium license.


 


Frontline Worker Solutions


Walkie Talkie: Automatically listen to multiple channels
Frontline workers who use Walkie Talkie in Teams can now choose to automatically listen to incoming messages from any of their pinned favorite Teams channels (up to 5 favorite channels). This new feature helps you keep in touch with and easily initiate PTT transitions on multiple channels without needing to switch channels manually.



Allow frontline teams to set their shift availability for specific dates
Frontline workers can now choose their preferred dates to work, making it easier for them to handle different scheduling needs. This new feature adds to the existing options for weekly availability that repeat. To learn more about recent enhancements to Shifts in Teams, read the latest blog – Discover the latest enhancements in Microsoft Shifts.



Support parallel working with multiple sequences in Dynamics 365 Sales 

This article is contributed. See the original author and article here.

A guide for sales managers and sellers who want to improve their customer engagement and collaboration with multiple sequences now available across Dynamics 365 Sales. 

Productivity and efficiency are important to sales teams. Improving customer engagement, as well as collaboration when multiple team members work on an account, can be key to securing deals faster, and bringing better business results. With the support of multiple sequences in Dynamics 365 Sales, this now becomes easier than ever. 

In this blog, we will show you how you can streamline parallel sales processes, coordinate your sales efforts, and optimize your customer interactions. You will also learn how to create, manage, and monitor multiple sequences in Dynamics 365 Sales. Whether you are a sales manager or a seller, we will cover some useful tips and best practices to make the most of this powerful feature.

Ready to boost your sales performance with multiple sequences? Sign up for a free trial of Dynamics 365 Sales today and discover how it can transform your sales organization. 

What are sequences and why do you need them? 

Sequences are a series of steps that sellers can follow to engage with customers and prospects in a consistent and effective way. They help sales managers provide guidance on best practices and ensure that every customer interaction is aligned with the sales strategy. Sequences can include various types of activities, such as emails, phone calls and tasks. In addition, sellers can utilize sequences as well, to automate their successful selling formulas and reduce manual work.

But what if you have multiple team members working on the same record (for example an account)? How can you ensure that they are not stepping on each other’s toes or sending conflicting messages to the customer? How can you leverage the expertise and skills of different sellers to create a better customer experience? 

This is where multiple sequences come in handy. Multiple sequences allow you to connect more than one sequence to a record, so that different sellers can work simultaneously on the same record with different sequences. For example, you can have an account manager and a solution architect working on the same opportunity, each with their own set of activities. This way, you can optimize your customer engagement and collaboration to drive better business outcomes. 

How to connect multiple sequences to a record? 

There are two ways to connect multiple sequences to a record: manually and automatically. 

  • Manually connecting a record to a sequence: Connect a record to a sequence by using the connect sequence button on the record page to launch the connect sequence dialog. You can connect multiple sequences to a record at the same time, as long as the record owner or the sequence owner has the relevant permissions to do so. You can also disconnect a sequence from a record manually, by selecting the disconnect sequence button on the record page. 
  • Automatically connecting a record to a sequence: Connect a record to a sequence by using the segmentation feature. Segmentation allows you to define criteria for a group of records that qualify for a sequence. For example, you can create a segment for all the opportunities that have a high probability of closing in the next quarter. You can then associate a sequence to that segment, so that whenever a record meets the criteria, it is automatically connected to the sequence.

Manually connect record to sequence

How to assign a sequence to a different user than the record owner? 

By default, when a record is connected to a sequence, the sequence is assigned to the record owner. However, you may want to assign a sequence to a different user, depending on their role and responsibilities. For example, you may want to assign a sequence to a specialist role for a record, such as a solution architect or a technical consultant. 

To do this, you can use the sequence assignment feature. Sequence assignment allows you to select a field in the record entity or a related entity that can be used to assign the sequence. For example, if you have a field called opportunity_rep in the opportunity entity, you can assign the sequence to the user who is specified as the opportunity rep for that record. You can also use the properties pane to assign the sequence to the account owner, or owner/access team with capability to assign the sequence to a user with a specific role in the respective team. 

Automatic assignment of Sequence

How to view the connected sequences and users for a record? 

Once you have connected multiple sequences to a record, you may want to view the connected sequences and the users who are working on them. This can help you get a better understanding of the customer engagement and collaboration happening on the record and what work is left to execute. 

To see the sequences and users that are linked to a record, you can select the sequence title from the Up next widget which will take you to the preview pane that shows all the sequences that are related to the record. The sequence preview gives you a full overview of the sequence, including the progress and activities for different paths. To see a sequence, choose the name of the sequence in the Up next widget. The sequence opens in a pane showing the list of activities that have been set up within it. 

You can also use the sequence stats report to see status, progress, and performance of each sequence. In addition, you can see the number of completed, overdue, and upcoming activities, as well as each email’s open rate, click rate, and conversion rate in the sequence.  

View sequences connected to a Record.

How to view sequence steps in a record using the Up next widget? 

In cases where a record is associated with multiple sequences, you may want to efficiently plan the execution by accessing all the available steps of these sequences. The new enhancements empower you to achieve precisely that! Now, the sequence name showcased on the Up next widget transforms into a clickable link. Upon clicking, it reveals a comprehensive list of all steps associated with that specific sequence. This feature facilitates the simultaneous viewing of both executed and upcoming steps in a single pane, streamlining the planning process for the subsequent steps. 

View all sequence steps in preview pane by clicking on Sequence name in Up next widget

Conclusion 

Multiple sequences in Dynamics 365 Sales are a powerful capability that can help you improve your customer engagement and collaboration:

  • By connecting multiple sequences to a record, you can optimize your sales process and leverage the skills and expertise of different sellers.
  • By assigning a sequence to a different user than the record owner, you can ensure that the right person is doing the right activity.
  • By viewing the connected sequences and users of a record, you can get a better insight into the customer communication and collaboration happening on the record.

With multiple sequences, you can drive better business outcomes and gain a competitive edge in the marketplace. 

Next steps

Learn how to Improve Sales process efficiency using sequence insights – Microsoft Dynamics 365 Blog  

Learn more about sequences and how to create them:  
Sequences in sales accelerator | Microsoft Learn  

Learn more about segments in sequences:  
Create segments and connect them to sequences | Microsoft Learn 

Explore our getting started templates to quickly create sequences and try them for yourself:  
Sequence templates | Microsoft Learn  

Don’t have Dynamics 365 Sales yet? Try it out now: Sales Overview – Dynamics Sales Solutions | Microsoft Dynamics 365 

The post Support parallel working with multiple sequences in Dynamics 365 Sales appeared first on Microsoft Dynamics 365 Blog.


Announcing HCIBox support for Azure Stack HCI 23H2

This article is contributed. See the original author and article here.


Since HCI 23H2 was announced, HCIBox users have been asking me and the Jumpstart team, “when will HCIBox be ready?” Some are interested in the new cloud deployment features, others are curious about a refreshed AKS on HCI. The wait is over. At last, HCIBox 23H2 is here and ready for you to get hands-on.

 

HCIBox now supports Azure Stack HCI 23H2 and is ready to offer the latest capabilities of Azure edge environments with native Azure Arc and AKS integration in a self-contained sandbox. This sandbox deploys easily into an Azure subscription, and uses nested virtualization to emulate an HCI cluster inside an Azure VM. This allows users to experience many Azure Stack HCI 23H2 features like the new cloud deployment feature with minimal manual effort. HCIBox automatically generates a ready-to-go ARM template that can be used to deploy a new HCI cluster. The cloud deployment also automatically provisions Arc resource bridge and AKS components, and HCIBox comes with additional modules to showcase cloud VM management and AKS on HCI.


 



As part of this release, most aspects of the HCIBox codebase were refactored to simplify and streamline the deployment experience. The network configuration has also been redesigned, with dedicated subnets for both guest VM management and AKS.



In response to user feedback, the HCIBox documentation has also been revised and simplified, with dedicated guides for deploying with either Azure Developer CLI (azd) or Azure CLI. This is a direct continuation of our investment in azd, following the release of azd support in Jumpstart Agora and the Retail industry scenario. But we aren’t stopping here! There is much more in store for HCIBox in the coming months. Join the discussion on the Azure Arc Jumpstart GitHub repository to contribute!

 

Many aspects of the HCIBox provisioning process have changed with this release and we encourage all users to thoroughly review the updated documentation. Be sure to also check out our new Jumpstart Lightning video where we discuss the new release. Get started with HCIBox today!

 



Translating Dynamics 365 Products with Dynamics 365 Translation Service 

This article is contributed. See the original author and article here.

In today’s global marketplace, translating applications is not just a nice-to-have, it’s a necessity. Providing native language versions of your software not only enhances user experience but also ensures compliance with regional laws and regulations, including language requirements. For select products, partners have the flexibility to create their own translations in countries where Microsoft does not provide a translated or localized version. 

Dynamics 365 Translation Service (DTS): Your partner in localization 

If you’re a partner or an Independent Software Vendor (ISV) looking to expand your reach through localization and translation, look no further than Dynamics 365 Translation Service (DTS). Hosted within Dynamics 365 Lifecycle Services (LCS), DTS is a comprehensive solution that enables end-to-end translation workflows. With DTS, you can create and manage translation projects with ease. It also provides seamless integrations with Visual Studio, Visual Studio Code, Azure DevOps, and Power Platform. Trusted by over 1,800 companies worldwide, DTS is your reliable partner for all your Dynamics 365 translation needs. 

High-quality translations with DTS 

What sets DTS apart is its use of product-specific machine translation models. These models are custom trained with Microsoft-produced translations, ensuring high-quality outputs that match the style and terminology of the original product. For those seeking a more personalized touch, DTS offers the option to create custom-trained machine translation models using your own translation memories. This feature allows you to obtain translations that are tailored to your business’ existing content, providing a truly customized experience.

Web Portal 

The DTS web portal is the primary means for interacting with the service. Through the friendly interface, you can create and manage translation projects. Once a translation request is completed, DTS provides the translated native file along with an XLIFF translation memory (TM). This TM can be used to revise the machine translation output and regenerate translations with the updated content. You can also use those TMs during future requests. Matching strings will be recycled, alleviating the need to edit the known translation again whilst maintaining consistency across product versions.  

Extensibility  

DTS offers a range of extensions and an API to enhance accessibility and enable automation. With the IDE extensions, translations can be performed directly within the respective workspaces. These offerings save you time by bringing the DTS experience to your development environment along with allowing for automated translation workflows.  

• Visual Studio extension – Translate Finance and Operations solutions from the developer environment. (Marketplace listing)
• Visual Studio Code extension – Translate Business Central AL projects from the developer environment. (Marketplace listing)
• Azure Pipelines tasks – Automated translation workflow against Azure DevOps repositories. (Marketplace listing)
• Power Platform connector – No-code automated translation workflow. (Connector Reference)
• API – Design and implement custom translation solutions. (Documentation)

Supported Products 

DTS supports the following Dynamics products: 

| Product | Supported format for user interface files | Supported format for documentation files |
| --- | --- | --- |
| Dynamics 365 Finance and Operations | .label.txt | .docx, .html |
| Dynamics 365 Business Central | .xlf | .docx, .html |
| Microsoft Dynamics 365 Commerce | .label.txt | .docx |
| Microsoft Dynamics CRM | .resx | .docx |
| Microsoft Dynamics NAV | .etx, .stx, .resx, .txt, .xml, .xlf | .docx |

Onboard to DTS today 

In the realm of translation project management, the Dynamics 365 Translation Service (DTS) prioritizes ease of use and efficiency. The DTS web portal, along with its API and extensions, streamlines your translation workflow. With DTS, you can deliver fast, high-quality translations with ease and at no additional cost. This service is available to Dynamics partners and ISVs. To get started or learn more, visit these pages:

The post Translating Dynamics 365 Products with Dynamics 365 Translation Service  appeared first on Microsoft Dynamics 365 Blog.


Best practices in moving to cloud native endpoint management


This blog is the second of three that details our recommendation to adopt cloud native device management. Understand the lessons from various Intune customers in their journeys and how they achieved greater security, cost savings, and readiness for the future through their cloud transformations.

The post Best practices in moving to cloud native endpoint management appeared first on Microsoft 365 Blog.


Customer review: AnnounceBot connects teams by celebrating birthday and work anniversary events


AnnounceBot Automated and Personalized Greetings, a solution published to Microsoft AppSource, helps companies celebrate special occasions like birthdays, work anniversaries, and welcoming new hires. With minimal setup and no calendars or manual work, AnnounceBot increases engagement, collaboration, and retention.


Microsoft interviewed Stephen Cornell, Service Director, Protected Trust, to learn what he had to say about the app.


 


What do you like best about AnnounceBot?
We absolutely love how easy AnnounceBot is to use! It is user-friendly, and setting it up was quick. Before using AnnounceBot, social media was our only way to track birthdays, which means some folks got left out. And work anniversaries were out of the picture. Since we started using AnnounceBot, we have never missed a birthday or work anniversary. It’s all automatic now.


How has AnnounceBot helped your organization?
Keeping the team engaged became challenging when we transitioned into working remotely. AnnounceBot helped us rebuild team connections by providing a centralized system to celebrate special events. Now, everyone engages in birthday and work anniversary posts, makes jokes, and tells stories about times we were all together in an office. It is a small gesture that has made a big difference in our company culture.


How is customer service and support?
I wanted to know how to check birthdays that are getting tracked. The support team responded within an hour and provided the information I needed.


Any recommendations or insights for other users considering AnnounceBot?
My suggestion would be to set it up in a small team first, just to get the hang of it. Test it out there before you go big and use it for the whole organization.


On a scale from 1 to 5 (5 being the highest), what is your overall rating for this AnnounceBot?
I would give AnnounceBot a 4.5 only because I think they should support Microsoft Entra ID (formerly Azure Active Directory) integration to make birthdate and joining date collection even smoother.

Join us for the AI Chat App Hackathon

Over the past six months, we have met hundreds of developers who are using Python to build AI chat applications for their own knowledge domains, using RAG (Retrieval Augmented Generation) to send chunks of information to an LLM along with the user's question.

We have also heard from many developers who would like to learn how to build their own RAG chat applications but don't know where to start. That is why we are hosting a virtual hackathon to help you learn how to build your own RAG chat application in Python.

From January 29 to February 12, we will hold live streams in English, and on January 31 and February 2 in Spanish, where we will show you how to build on our most popular RAG chat sample repository while explaining the key concepts behind all modern RAG chat applications. Live stream topics will include vector search, access control, GPT-4 with vision, and more.

Stay connected to your local Reactor sessions. We hope to engage developers from around the world, so we will also have live streams in Spanish, Portuguese, and Chinese. There will be prizes for the best applications and even a prize for the most helpful community member. Keep an eye on your local Reactor sessions!

For more information, visit the Reactor page to tune in to your local event, and visit the AI Chat App Hack page, where you can follow the steps to register and join the community. We look forward to seeing you!

More RAG resources for Python developers:

 Tutorial: Get started with the enterprise chat sample in Python using RAG

 GitHub Universe: Quickly build and deploy OpenAI applications on Azure, infused with your own data

 Azure AI resources for Python developers

 Using LlamaIndex with Azure AI Search

 AI community on Discord

Auto Rollout of Conditional Access Policies in Microsoft Entra ID


The linked blog post was originally published on the Microsoft Security Blog on November 6th, 2023. We are sharing it again on the SMB Tech Community blog channel to ensure that all of our partners, who manage customer tenants and their conditional access policies, are informed about the upcoming policy changes.


 


Microsoft announced the automatic rollout of Conditional Access policies in Entra ID back in November 2023.


This feature automatically creates new Conditional Access policies in report-only mode for eligible customers of Microsoft Entra ID P1/P2 (M365 E3/M365 E5/M365 Business Premium). Between November 9th, 2023, and December 31st, 2023, policies were created in all eligible tenants. Customers will have at least 90 days to review the policy’s impact, manage exclusions, turn the policy on, or turn it off if necessary. 


 


This 90-day period is ending soon, and enforcement will begin on a rolling basis in February and March 2024.


 


Recommended actions


 


To avoid any potential disruption to users’ access and to ensure these policies meet your organization’s needs, take the following actions within 90 days of their creation, before they’re moved to the On state:



  • Read the original blog announcement by Alex Weinert, Vice President, Identity Security

  • Review the effects and benefits of the new policies. If you don’t want us to enable them automatically, set them to Off. Or, you may set them to On at any time.

  • Customize these policies according to your specific needs, such as excluding emergency access accounts. If you require more extensive customizations, you can clone a policy and then make as many changes as you want.

  • Verify that all users covered by these policies have enabled and registered at least one multifactor authentication method. If necessary, run a registration campaign to set up the Authenticator app.


Learn more: Automatic Conditional Access policies in Microsoft Entra streamline identity protection | Microsoft Security Blog

Enhancing Cybersecurity: Geomatch Custom Rules in Azure WAF


Web application firewalls (WAFs) are essential tools for cyber security professionals who want to protect their web applications from malicious attacks. WAFs can filter, monitor, and block web traffic based on predefined as well as custom rules. Custom rules allow you to create your own unique rule that is evaluated for each request that passes through the WAF. These rules hold higher priority than rules in the managed rulesets and will be processed first. One of the most powerful features of Azure Web Application Firewall is the ability to create geomatch custom rules, which allow you to match web requests based on the geographic location of the source IP address. You may want to block requests from certain countries or regions that are known to be sources of malicious activity, or you may want to allow requests from specific locations that are part of your business operations. Geomatch custom rules can also help you comply with data sovereignty and privacy regulations, by restricting access to your web applications based on the location of the data subjects.


 


In this blog post, we will introduce you to the geomatch custom rules feature of Azure Web Application Firewall and show you how to create and manage them using the Azure portal, Bicep and PowerShell.


 


Geomatch Custom Rule Patterns


Geomatch custom rules can help you achieve various security objectives, such as blocking requests from high-risk regions and allowing requests from trusted locations. Geomatch custom rules can also be very useful for mitigating distributed denial-of-service (DDoS) attacks, which aim to overwhelm your web application with a large volume of requests from multiple sources. By using geomatch custom rules, you can quickly identify and block the regions that are generating the most DDoS traffic, while allowing legitimate users to access your web application. In this blog, we’ll cover different custom rule patterns that you can use to tune your Azure WAF using geomatch custom rules.


 


Scenario: Block traffic from all countries except “x”


One of the common scenarios where geomatch custom rules can be very helpful is when you want to block traffic from all countries except a specific one. For example, if your web application is only intended for users in the United States, you can create a geomatch custom rule that blocks all requests that do not originate from the US. This way, you can reduce the attack surface of your web application and prevent unauthorized access from other regions. This specific technique uses a negating condition for this traffic pattern to work. To create a geomatch custom rule that blocks traffic from all countries except the US, check out the Portal, Bicep, and PowerShell examples below:


 


Portal example – Application Gateway: [screenshot: GeoRule1-Portal.png]

Portal example – Front Door: [screenshot: GeoRule1-AFD-Portal.png]


*Note: You’ll notice on the Azure Front Door WAF, we are using SocketAddr as the Match variable and not RemoteAddr. The RemoteAddr variable is the original client IP that’s usually sent via the X-Forwarded-For request header. The SocketAddr variable is the source IP address the WAF sees.


 


Bicep example – Application Gateway:

properties: {
    customRules: [
      {
        name: 'GeoRule1'
        priority: 10
        ruleType: 'MatchRule'
        action: 'Block'
        matchConditions: [
          {
            matchVariables: [
              {
                variableName: 'RemoteAddr'
              }
            ]
            operator: 'GeoMatch'
            // Negated: the rule matches every source that is NOT in matchValues
            negationConditon: true
            matchValues: [
              'US'
            ]
            transforms: []
          }
        ]
        state: 'Enabled'
      }
    ]
}

Bicep example – Front Door:

properties: {
    customRules: {
      rules: [
        {
          name: 'GeoRule1'
          enabledState: 'Enabled'
          priority: 10
          ruleType: 'MatchRule'
          matchConditions: [
            {
              matchVariable: 'SocketAddr'
              operator: 'GeoMatch'
              // Negated: the rule matches every source that is NOT in matchValue
              negateCondition: true
              matchValue: [
                'US'
              ]
              transforms: []
            }
          ]
          action: 'Block'
        }
      ]
    }
}


 


PowerShell example – Application Gateway:

$RGname = "rg-waf"
$policyName = "waf-pol"

# Negated geomatch on the client address: everything that is not from the US
$variable = New-AzApplicationGatewayFirewallMatchVariable -VariableName RemoteAddr
$condition = New-AzApplicationGatewayFirewallCondition -MatchVariable $variable -Operator GeoMatch -MatchValue "US" -NegationCondition $true
$rule = New-AzApplicationGatewayFirewallCustomRule -Name GeoRule1 -Priority 10 -RuleType MatchRule -MatchCondition $condition -Action Block

# Add the rule to the existing policy and save it
$policy = Get-AzApplicationGatewayFirewallPolicy -Name $policyName -ResourceGroupName $RGname
$policy.CustomRules.Add($rule)
Set-AzApplicationGatewayFirewallPolicy -InputObject $policy

PowerShell example – Front Door:

$RGname = "rg-waf"
$policyName = "wafafdpol"

# Negated geomatch on the socket address: everything that is not from the US
$matchCondition = New-AzFrontDoorWafMatchConditionObject -MatchVariable SocketAddr -OperatorProperty GeoMatch -MatchValue "US" -NegateCondition $true
$customRuleObject = New-AzFrontDoorWafCustomRuleObject -Name "GeoRule1" -RuleType MatchRule -MatchCondition $matchCondition -Action Block -Priority 10

$afdWAFPolicy = Get-AzFrontDoorWafPolicy -Name $policyName -ResourceGroupName $RGname
Update-AzFrontDoorWafPolicy -InputObject $afdWAFPolicy -Customrule $customRuleObject


 


Scenario: Block traffic from all countries except “x” and “y” that target the URI “foo” or “bar”


Another scenario where geomatch custom rules can be useful is when you want to block traffic from all countries except two or more specific ones, that target an explicit URI. For example, if your web application has specific URI paths that are only intended for users in the US and Canada, you can create a geomatch custom rule that blocks all requests that do not originate from either of these countries. With this pattern, request payloads from the US and Canada are still processed through the managed rulesets, catching any unwanted malicious attacks while still blocking requests from all other countries. This way, you can ensure that only your target audience can access your web application and avoid unwanted traffic from other regions. Furthermore, to reduce potential false positives, you can include the country code “ZZ” in the list to capture IP addresses that aren’t yet mapped to a country in Azure’s dataset. This specific technique also uses a negate condition for the Geo location type and a non-negate condition for our URI match. To create a geomatch custom rule that blocks traffic from all countries except the US and Canada to a specified URI, check out the Portal, Bicep, and PowerShell examples below:


 


Portal example – Application Gateway: [screenshots: GeoRule2-Portal.png, GeoRule2a-Portal.png]

Portal example – Front Door: [screenshots: GeoRule2a-AFD-Portal.png, GeoRule2b-AFD-Portal.png]


 


Bicep example – Application Gateway:

properties: {
    customRules: [
      {
        name: 'GeoRule2'
        priority: 11
        ruleType: 'MatchRule'
        action: 'Block'
        // Both conditions must match for the rule to fire
        matchConditions: [
          {
            matchVariables: [
              {
                variableName: 'RemoteAddr'
              }
            ]
            operator: 'GeoMatch'
            negationConditon: true
            matchValues: [
              'US'
              'CA'
            ]
            transforms: []
          }
          {
            matchVariables: [
              {
                variableName: 'RequestUri'
              }
            ]
            operator: 'Contains'
            negationConditon: false
            matchValues: [
              '/foo'
              '/bar'
            ]
            transforms: []
          }
        ]
        state: 'Enabled'
      }
    ]
}

Bicep example – Front Door:

properties: {
    customRules: {
      rules: [
        {
          name: 'GeoRule2'
          enabledState: 'Enabled'
          priority: 11
          ruleType: 'MatchRule'
          // Both conditions must match for the rule to fire
          matchConditions: [
            {
              matchVariable: 'SocketAddr'
              operator: 'GeoMatch'
              negateCondition: true
              matchValue: [
                'US'
                'CA'
              ]
              transforms: []
            }
            {
              matchVariable: 'RequestUri'
              operator: 'Contains'
              negateCondition: false
              matchValue: [
                '/foo'
                '/bar'
              ]
              transforms: []
            }
          ]
          action: 'Block'
        }
      ]
    }
}


 


PowerShell example – Application Gateway:

$RGname = "rg-waf"
$policyName = "waf-pol"

# Condition 1: source is not in the US or Canada (negated geomatch)
$variable1a = New-AzApplicationGatewayFirewallMatchVariable -VariableName RemoteAddr
$condition1a = New-AzApplicationGatewayFirewallCondition -MatchVariable $variable1a -Operator GeoMatch -MatchValue @("US", "CA") -NegationCondition $true

# Condition 2: request URI contains /foo or /bar
$variable1b = New-AzApplicationGatewayFirewallMatchVariable -VariableName RequestUri
$condition1b = New-AzApplicationGatewayFirewallCondition -MatchVariable $variable1b -Operator Contains -MatchValue @("/foo", "/bar") -NegationCondition $false

$rule1 = New-AzApplicationGatewayFirewallCustomRule -Name GeoRule2 -Priority 11 -RuleType MatchRule -MatchCondition $condition1a, $condition1b -Action Block

$policy = Get-AzApplicationGatewayFirewallPolicy -Name $policyName -ResourceGroupName $RGname
$policy.CustomRules.Add($rule1)
Set-AzApplicationGatewayFirewallPolicy -InputObject $policy

PowerShell example – Front Door:

$RGname = "rg-waf"
$policyName = "wafafdpol"

# Condition 1: source is not in the US or Canada (negated geomatch)
$matchCondition1a = New-AzFrontDoorWafMatchConditionObject -MatchVariable SocketAddr -OperatorProperty GeoMatch -MatchValue @("US", "CA") -NegateCondition $true

# Condition 2: request URI contains /foo or /bar
$matchCondition1b = New-AzFrontDoorWafMatchConditionObject -MatchVariable RequestUri -OperatorProperty Contains -MatchValue @("/foo", "/bar") -NegateCondition $false

$customRuleObject1 = New-AzFrontDoorWafCustomRuleObject -Name "GeoRule2" -RuleType MatchRule -MatchCondition $matchCondition1a, $matchCondition1b -Action Block -Priority 11

$afdWAFPolicy = Get-AzFrontDoorWafPolicy -Name $policyName -ResourceGroupName $RGname
Update-AzFrontDoorWafPolicy -InputObject $afdWAFPolicy -Customrule $customRuleObject1


 


Scenario: Block traffic specifically from country “x”


A similar scenario where geomatch custom rules can be helpful is when you want to block traffic from a specific country or multiple countries. For example, if your web application is facing a lot of malicious requests from country X, you can create a geomatch custom rule that blocks all requests that originate from that country. This way, you can protect your web application from potential attacks and reduce the load on your resources. You can use this pattern to block multiple countries that you have validated as malicious or hostile. This specific technique uses a match condition for this traffic pattern to work. To create a geomatch custom rule that blocks traffic from country X, check out the Portal, Bicep, and PowerShell examples below:


 


Portal example – Application Gateway: [screenshot: GeoRule3-Portal.png]

Portal example – Front Door: [screenshot: GeoRule3-AFD-Portal.png]


 


Bicep example – Application Gateway:

properties: {
    customRules: [
      {
        name: 'GeoRule3'
        priority: 12
        ruleType: 'MatchRule'
        action: 'Block'
        matchConditions: [
          {
            matchVariables: [
              {
                variableName: 'RemoteAddr'
              }
            ]
            operator: 'GeoMatch'
            // Not negated: the rule matches sources that ARE in matchValues
            negationConditon: false
            matchValues: [
              'US'
            ]
            transforms: []
          }
        ]
        state: 'Enabled'
      }
    ]
}

Bicep example – Front Door:

properties: {
    customRules: {
      rules: [
        {
          name: 'GeoRule3'
          enabledState: 'Enabled'
          priority: 12
          ruleType: 'MatchRule'
          matchConditions: [
            {
              matchVariable: 'SocketAddr'
              operator: 'GeoMatch'
              // Not negated: the rule matches sources that ARE in matchValue
              negateCondition: false
              matchValue: [
                'US'
              ]
              transforms: []
            }
          ]
          action: 'Block'
        }
      ]
    }
}


 


PowerShell example – Application Gateway:

$RGname = "rg-waf"
$policyName = "waf-pol"

# Plain (non-negated) geomatch: block requests that originate from the listed country
$variable2 = New-AzApplicationGatewayFirewallMatchVariable -VariableName RemoteAddr
$condition2 = New-AzApplicationGatewayFirewallCondition -MatchVariable $variable2 -Operator GeoMatch -MatchValue "US" -NegationCondition $false
$rule2 = New-AzApplicationGatewayFirewallCustomRule -Name GeoRule3 -Priority 12 -RuleType MatchRule -MatchCondition $condition2 -Action Block

$policy = Get-AzApplicationGatewayFirewallPolicy -Name $policyName -ResourceGroupName $RGname
$policy.CustomRules.Add($rule2)
Set-AzApplicationGatewayFirewallPolicy -InputObject $policy

PowerShell example – Front Door:

$RGname = "rg-waf"
$policyName = "wafafdpol"

# Plain (non-negated) geomatch: block requests that originate from the listed country
$matchCondition2 = New-AzFrontDoorWafMatchConditionObject -MatchVariable SocketAddr -OperatorProperty GeoMatch -MatchValue "US" -NegateCondition $false
$customRuleObject2 = New-AzFrontDoorWafCustomRuleObject -Name "GeoRule3" -RuleType MatchRule -MatchCondition $matchCondition2 -Action Block -Priority 12

$afdWAFPolicy = Get-AzFrontDoorWafPolicy -Name $policyName -ResourceGroupName $RGname
Update-AzFrontDoorWafPolicy -InputObject $afdWAFPolicy -Customrule $customRuleObject2


 


Geomatch custom rules and Priority


When using geomatch custom rules, it’s important to use the priority parameter wisely to avoid unnecessary processing or conflicts. The Azure WAF will determine the order that it evaluates the rules by using the priority parameter. This parameter is a numerical value that ranges from 1 to 100, with lower values indicating higher priority. The priority must be unique across all custom rules. You should assign higher priority to the rules that are more critical or specific for your web application security, and lower priority to the rules that are less essential or general. This way, you can ensure that WAF applies the most appropriate actions to your web traffic. Given our examples above, the scenario where we’ve identified an explicit URI path is the most specific and should have a higher priority rule than other types of patterns. This allows us to protect a critical path on the application with the highest priority while allowing more generic traffic to be evaluated across the other custom rules or managed rulesets.


 


Geomatch Custom Rule Anti-Patterns


On the other hand, there are some anti-patterns that you should avoid when using geomatch custom rules. These are scenarios where you set the custom rule action to allow instead of block. This can have unintended consequences, such as allowing a lot of traffic to bypass the WAF and potentially exposing your web application to other threats. Instead of using an allow action, you should use a block action with a negate condition, as shown in the previous patterns. This way, you can ensure that only traffic from the countries that you want is allowed, and all other traffic is blocked by the WAF.


 


Scenario: Allow traffic from country “x”


The first anti-pattern that you should be aware of is setting the geomatch custom rule to allow traffic from a specific country. For example, suppose you want to allow traffic from the United States because you have a large customer base there. You might think that creating a custom rule with the action “allow” and the value “United States” would achieve this. However, this is not the case. What this rule does is to allow all traffic that originates from the United States, regardless of whether it has a malicious payload or not, as the allow action bypasses further rule processing of the managed rulesets. Additionally, traffic from all other countries will still be allowed to be processed by the WAF, consuming resources. This exposes your web application to malicious requests from the United States that would otherwise be blocked by the WAF.
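The difference between a Block rule with a negate condition and an Allow rule can be traced in a small model of rule evaluation. The Python below is an added example, not code from the original post or from Azure; the rule dictionaries, the sample requests and the `malicious` flag (standing in for "a managed ruleset would have matched this payload") are constructed assumptions.

```python
"""Simplified model of custom-rule evaluation in a WAF policy (added example).

Assumptions: each request carries a pre-resolved two-letter "country", a "uri"
and a boolean "malicious" that stands in for "a managed ruleset would have
matched this payload". All rules and requests below are constructed.
"""


def condition_matches(cond, request):
    """Match values inside one condition are OR-ed; negate flips the result."""
    if cond["operator"] == "GeoMatch":
        hit = request["country"] in cond["values"]
    elif cond["operator"] == "Contains":
        hit = any(value in request["uri"] for value in cond["values"])
    else:
        raise ValueError("operator not modelled: " + cond["operator"])
    return (not hit) if cond["negate"] else hit


def evaluate(custom_rules, request):
    """Return (verdict, decided_by) for one request."""
    # Lower priority number is evaluated first.
    for rule in sorted(custom_rules, key=lambda r: r["priority"]):
        # Conditions inside one rule are AND-ed.
        if all(condition_matches(c, request) for c in rule["conditions"]):
            if rule["action"] == "Block":
                return "blocked", rule["name"]
            if rule["action"] == "Allow":
                # Evaluation stops here: the managed rulesets never see it.
                return "allowed", rule["name"]
            raise ValueError("action not modelled: " + rule["action"])
    # No custom rule decided, so the managed rulesets inspect the payload.
    if request["malicious"]:
        return "blocked", "managed-ruleset"
    return "allowed", "no-rule-matched"


def geo_rule(name, priority, action, countries, negate, uri_contains=None):
    """Build a rule dict with the fields used by the examples on this page."""
    conditions = [{"operator": "GeoMatch", "negate": negate, "values": countries}]
    if uri_contains:
        conditions.append(
            {"operator": "Contains", "negate": False, "values": uri_contains}
        )
    return {"name": name, "priority": priority, "action": action,
            "conditions": conditions}


# Patterns (Block + negate) and anti-patterns (Allow), named as on this page.
GEO_RULE1 = geo_rule("GeoRule1", 10, "Block", ["US"], negate=True)
GEO_RULE2 = geo_rule("GeoRule2", 11, "Block", ["US", "CA", "ZZ"], negate=True,
                     uri_contains=["/foo", "/bar"])
GEO_RULE4 = geo_rule("GeoRule4", 20, "Allow", ["US"], negate=False)
GEO_RULE5 = geo_rule("GeoRule5", 21, "Allow", ["US"], negate=True)

# Constructed sample requests.
REQUESTS = {
    "US clean": {"country": "US", "uri": "/home", "malicious": False},
    "US malicious": {"country": "US", "uri": "/home", "malicious": True},
    "FR clean": {"country": "FR", "uri": "/home", "malicious": False},
    "FR malicious": {"country": "FR", "uri": "/home", "malicious": True},
    "CA to /foo": {"country": "CA", "uri": "/foo/list", "malicious": False},
    "FR to /foo": {"country": "FR", "uri": "/foo/list", "malicious": False},
    "ZZ to /bar": {"country": "ZZ", "uri": "/bar", "malicious": True},
}


def verdicts(custom_rules):
    """Evaluate every sample request against the given custom rules."""
    return {label: evaluate(custom_rules, req) for label, req in REQUESTS.items()}


if __name__ == "__main__":
    for rule in (GEO_RULE1, GEO_RULE2, GEO_RULE4, GEO_RULE5):
        print(f"{rule['name']} ({rule['action']})")
        for label, (verdict, decided_by) in verdicts([rule]).items():
            print(f"  {label:<14} {verdict:<8} by {decided_by}")
```

With GeoRule4, the malicious US request is allowed by the custom rule itself, while with GeoRule1 the same request still reaches the managed rulesets and is blocked there.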


 


Portal example – Application Gateway: [screenshot: GeoRule4-Portal.png]

Portal example – Front Door: [screenshot: GeoRule4-AFD-Portal.png]


 


Bicep example – Application Gateway:

properties: {
    customRules: [
      {
        name: 'GeoRule4'
        priority: 20
        ruleType: 'MatchRule'
        // Anti-pattern: Allow ends rule evaluation for every matching request
        action: 'Allow'
        matchConditions: [
          {
            matchVariables: [
              {
                variableName: 'RemoteAddr'
              }
            ]
            operator: 'GeoMatch'
            negationConditon: false
            matchValues: [
              'US'
            ]
            transforms: []
          }
        ]
        state: 'Enabled'
      }
    ]
}

Bicep example – Front Door:

properties: {
    customRules: {
      rules: [
        {
          name: 'GeoRule4'
          enabledState: 'Enabled'
          priority: 20
          ruleType: 'MatchRule'
          matchConditions: [
            {
              matchVariable: 'SocketAddr'
              operator: 'GeoMatch'
              negateCondition: false
              matchValue: [
                'US'
              ]
              transforms: []
            }
          ]
          // Anti-pattern: Allow ends rule evaluation for every matching request
          action: 'Allow'
        }
      ]
    }
}


 


PowerShell example – Application Gateway:

$RGname = "rg-waf"
$policyName = "waf-pol"

# Anti-pattern: Allow action on a geomatch condition
$variable3 = New-AzApplicationGatewayFirewallMatchVariable -VariableName RemoteAddr
$condition3 = New-AzApplicationGatewayFirewallCondition -MatchVariable $variable3 -Operator GeoMatch -MatchValue "US" -NegationCondition $false
$rule3 = New-AzApplicationGatewayFirewallCustomRule -Name GeoRule4 -Priority 20 -RuleType MatchRule -MatchCondition $condition3 -Action Allow

$policy = Get-AzApplicationGatewayFirewallPolicy -Name $policyName -ResourceGroupName $RGname
$policy.CustomRules.Add($rule3)
Set-AzApplicationGatewayFirewallPolicy -InputObject $policy

PowerShell example – Front Door:

$RGname = "rg-waf"
$policyName = "wafafdpol"

# Anti-pattern: Allow action on a geomatch condition
$matchCondition3 = New-AzFrontDoorWafMatchConditionObject -MatchVariable SocketAddr -OperatorProperty GeoMatch -MatchValue "US" -NegateCondition $false
$customRuleObject3 = New-AzFrontDoorWafCustomRuleObject -Name "GeoRule4" -RuleType MatchRule -MatchCondition $matchCondition3 -Action Allow -Priority 20

$afdWAFPolicy = Get-AzFrontDoorWafPolicy -Name $policyName -ResourceGroupName $RGname
Update-AzFrontDoorWafPolicy -InputObject $afdWAFPolicy -Customrule $customRuleObject3


 


Scenario: Allow traffic from all countries except “x”


Another anti-pattern that you should avoid when using geomatch custom rules is to set the rule action to allow and specify a list of countries to exclude. For example, you might want to allow traffic from all countries except the United States, where the US is a country that you suspect of malicious activity. However, this approach can also have unintended consequences, such as allowing traffic from countries that you have not verified or validated as safe or legitimate, or allowing traffic from countries that have low or no security standards, exposing your web application to potential vulnerabilities or attacks. As mentioned in the previous scenario, using the allow action for all countries except the US tells the WAF to stop processing the request payloads against the managed rulesets. All rule evaluation will cease once the custom rule with allow is processed, thus exposing the application to unwanted malicious attacks.


 


Therefore, it is better to use a more restrictive and specific rule action, such as block, and specify a list of countries to allow with a negate condition. This way, you can ensure that only traffic from trusted and verified sources can access your web application, while blocking any suspicious or unwanted traffic.


 


Portal example – Application Gateway: [screenshot: GeoRule5-Portal.png]

Portal example – Front Door: [screenshot: GeoRule5-AFD-Portal.png]


 


Bicep example – Application Gateway:

properties: {
    customRules: [
      {
        name: 'GeoRule5'
        priority: 21
        ruleType: 'MatchRule'
        // Anti-pattern: Allow for every source that is NOT in matchValues
        action: 'Allow'
        matchConditions: [
          {
            matchVariables: [
              {
                variableName: 'RemoteAddr'
              }
            ]
            operator: 'GeoMatch'
            negationConditon: true
            matchValues: [
              'US'
            ]
            transforms: []
          }
        ]
        state: 'Enabled'
      }
    ]
}

Bicep example – Front Door:

properties: {
    customRules: {
      rules: [
        {
          name: 'GeoRule5'
          enabledState: 'Enabled'
          priority: 21
          ruleType: 'MatchRule'
          matchConditions: [
            {
              matchVariable: 'SocketAddr'
              operator: 'GeoMatch'
              negateCondition: true
              matchValue: [
                'US'
              ]
              transforms: []
            }
          ]
          // Anti-pattern: Allow for every source that is NOT in matchValue
          action: 'Allow'
        }
      ]
    }
}


 


PowerShell example – Application Gateway:


$RGname = "rg-waf"
$policyName = "waf-pol"

# GeoMatch on the client address, negated: matches every country except the US
$variable4 = New-AzApplicationGatewayFirewallMatchVariable -VariableName RemoteAddr
$condition4 = New-AzApplicationGatewayFirewallCondition -MatchVariable $variable4 -Operator GeoMatch -MatchValue "US" -NegationCondition $true
$rule4 = New-AzApplicationGatewayFirewallCustomRule -Name GeoRule5 -Priority 21 -RuleType MatchRule -MatchCondition $condition4 -Action Allow

# Add the rule to the existing policy and save it
$policy = Get-AzApplicationGatewayFirewallPolicy -Name $policyName -ResourceGroupName $RGname
$policy.CustomRules.Add($rule4)
Set-AzApplicationGatewayFirewallPolicy -InputObject $policy


 


PowerShell example – Front Door:


$RGname = "rg-waf"
$policyName = "wafafdpol"

# GeoMatch on the socket address, negated: matches every country except the US
$matchCondition4 = New-AzFrontDoorWafMatchConditionObject -MatchVariable SocketAddr -OperatorProperty GeoMatch -MatchValue "US" -NegateCondition $true
$customRuleObject4 = New-AzFrontDoorWafCustomRuleObject -Name "GeoRule5" -RuleType MatchRule -MatchCondition $matchCondition4 -Action Allow -Priority 10

# Update the existing policy with the custom rule
$afdWAFPolicy = Get-AzFrontDoorWafPolicy -Name $policyName -ResourceGroupName $RGname
Update-AzFrontDoorWafPolicy -InputObject $afdWAFPolicy -Customrule $customRuleObject4
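A check for the anti-pattern described in this section, added here as an example and not part of the original article: it scans custom rules shaped like the Bicep examples above and reports every enabled Allow rule that carries a GeoMatch condition. The sample rules, the `GeoAllowListFixed` rule with its country list, and the function names are constructed for illustration.

```python
import json

# Constructed sample policy: rule shapes and property names follow the Bicep
# examples above (Application Gateway first, Front Door second). The third
# rule is the corrected form, with a hypothetical name and country list.
SAMPLE_RULES = json.loads("""[
  {"name": "GeoRule5", "priority": 21, "action": "Allow", "state": "Enabled",
   "matchConditions": [{"matchVariables": [{"variableName": "RemoteAddr"}],
     "operator": "GeoMatch", "negationConditon": true, "matchValues": ["US"]}]},
  {"name": "GeoRule5", "priority": 21, "action": "Allow", "enabledState": "Enabled",
   "matchConditions": [{"matchVariable": "SocketAddr", "operator": "GeoMatch",
     "negateCondition": true, "matchValue": ["US"]}]},
  {"name": "GeoAllowListFixed", "priority": 30, "action": "Block", "state": "Enabled",
   "matchConditions": [{"matchVariables": [{"variableName": "RemoteAddr"}],
     "operator": "GeoMatch", "negationConditon": true, "matchValues": ["CA", "MX"]}]}
]""")

def is_enabled(rule):
    # The Application Gateway example uses 'state', Front Door 'enabledState'.
    return rule.get("state", rule.get("enabledState", "Enabled")) == "Enabled"

def is_negated(cond):
    # 'negationConditon' is spelled as in the Application Gateway example.
    return bool(cond.get("negationConditon", cond.get("negateCondition", False)))

def audit_geomatch_rules(rules):
    """Return one finding per GeoMatch condition on an enabled Allow rule."""
    findings = []
    for rule in rules:
        if not is_enabled(rule) or rule.get("action", "").lower() != "allow":
            continue
        for cond in rule.get("matchConditions", []):
            if cond.get("operator", "").lower() != "geomatch":
                continue
            countries = cond.get("matchValues") or cond.get("matchValue") or []
            scope = "every country except" if is_negated(cond) else "only"
            findings.append({
                "rule": rule["name"],
                "priority": rule.get("priority"),
                "reason": f"Allow on GeoMatch ({scope} {', '.join(countries)}) "
                          "ends evaluation before the managed rulesets run",
            })
    return findings

if __name__ == "__main__":
    for f in audit_geomatch_rules(SAMPLE_RULES):
        print(f"[{f['priority']}] {f['rule']}: {f['reason']}")
```

Both `GeoRule5` variants are reported; the Block rule with a negated allow list produces no finding.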


 


Conclusion 


The Azure Web Application Firewall is a powerful tool for protecting your web applications from common threats and attacks, and by using geomatch custom rules you can fine-tune your security controls based on the geographic location of the requests. The patterns outlined help to maintain the effectiveness and performance of the Azure WAF when utilizing geomatch custom rules. You should always test your rules before applying them to production and monitor their performance and impact regularly. By following these best practices, you can leverage the power of geomatch custom rules to enhance your web application security.


 

