by Scott Muniz | Aug 20, 2020 | Azure, Microsoft, Technology, Uncategorized
This article is contributed. See the original author and article here.
Final Update: Thursday, 20 August 2020 23:46 UTC
We’ve confirmed that all systems are back to normal with no customer impact as of 8/14/20, 22:12 UTC. Our logs show the incident started on 9/23/19, 00:00 UTC and that during the 326 days that it took to resolve the issue 138 customers using metric alerts based on custom metrics in Brazil South region may have seen incorrect alert activations and or failures.
- Root Cause: The failure was due to a backend storage configuration.
- Incident Timeline: 326 days 22 hours 12 minutes – 9/23/2019, 00:00 UTC through 8/14/2020, 22:12 UTC
We understand that customers rely on Application Insights as a critical service and apologize for any impact this incident caused.
-Jeff
by Scott Muniz | Aug 20, 2020 | Azure, Microsoft, Technology, Uncategorized
This article is contributed. See the original author and article here.
Databases > SQL Database
All categories
Intune
Let’s look at each of these updates in greater detail.
Databases > SQL Database
Open your SQL database in Azure Data Studio
The Azure portal now includes a one-click connection to Azure Data Studio from any Azure SQL Database. Azure Data Studio offers a modern editor experience with IntelliSense, code snippets, source control integration, SQL Notebooks, and an integrated terminal. Simply open the Azure portal, navigate to any SQL Database, and click “Connect with Azure Data Studio”. The experience includes a link to download Azure Data Studio if you do not already have it. The connection info is passed to Azure Data Studio and the connection will automatically go through with AAD or will require just a password to complete the connection.
- Sign in to Azure portal
- Click “All Services”
- Search and select “Azure SQL”
- Find and select any SQL database
- Click “Connect with…”, then click “Azure Data Studio”
6. Click to download or launch Azure Data Studio
7. Connect to your database and try out Azure Data Studio!
All Categories
Work with a freelancer
It’s now easier than ever to connect and start working with a freelancer who can help you complete your short-term, on-demand Azure projects. Microsoft and Upwork are partnering to provide you with easy access to freelancers with current Azure certifications.
In the upper right corner of the Azure portal, click on the question mark. You’ll see the freelancer information pop up below.
All Categories
View a summary of your resources on a map and in other charts
On certain resource list views, you can now see a summary count of your resources. This feature allows you to visually represent your resources on a chart, summarizing over location, resource group, subscription, and resource type. A powerful use case of this would be to visually represent your resources on a map.
a. Go to a list of resources. Check if it has a “List view” dropdown at the top right of the list. If so, you can proceed with the demo. Otherwise, use the “All resource” list as an example.
b. In the dropdown, select “Summary view” where you will see a summary count of your resources. You can choose to summarize by location, resources group, subscription, and type, if applicable, from the menu on the left.
c. You can use the filters to scope your results.
d. In this view, you can change the visualization to a map, bar chart, donut chart, or list. (Note that maps are available for location only).
e. If you have more than 10 items in a bar or donut chart, there will be a dropdown to choose your summary preference (see screenshot). If you want to see more than 10 items, change the visualization to “list” as described in step d.
f. If you like this view, you can save it using the “Manage view” dropdown for easy access.
g. If you want to drill down into one of the summary items, click into the item and you will see a list of the resources in that category.
All Categories
Portal search improvements
We have made several improvements to the portal’s search capabilities.
- You can now use the portal’s global search bar to search for resources by IP address. The search will find all resources that have the specified IP address anywhere within their resource properties.
- You can now search for Azure invoices by typing in an invoice id.
- We have improved the search functionality on all pages that have a menu on the left. Previously, a term had to be spelled correctly in order to produce results, but now, slight misspellings are accepted, and any existing results will be shown.
Step 1 – Log into the portal
Step 2 – Paste an IP address or an invoice ID into the global search bar.
Sample search by IP address:
Sample search by Invoice ID:
INTUNE
Updates to Microsoft Intune
The Microsoft Intune team has been hard at work on updates as well. You can find the full list of updates to Intune on the What’s new in Microsoft Intune page, including changes that affect your experience using Intune.
Azure portal “how to” video series
Have you checked out our Azure portal “how to” video series yet? The videos highlight specific aspects of the portal so you can be more efficient and productive while deploying your cloud workloads from the portal. Check out our most recently published videos:
Next steps
The Azure portal has a large team of engineers that wants to hear from you, so please keep providing us your feedback in the comments section below or on Twitter @AzurePortal.
Sign in to the Azure portal now and see for yourself everything that’s new. Download the Azure mobile app to stay connected to your Azure resources anytime, anywhere. See you next month!
by Scott Muniz | Aug 20, 2020 | Azure, Microsoft, Technology, Uncategorized
This article is contributed. See the original author and article here.
The Azure Sphere 20.08 OS quality release is now available in the Retail feed. This update includes enhancements and bug fixes in the Azure Sphere OS including a security update that represents a critical update to the OS. Because of this, the retail evaluation period has been shortened.
In addition, 20.08 includes new Sample applications; It does not include an updated SDK.
The following changes are included in the 20.08 OS release:
- Upgrades to incorporate a critical security update. This update addresses a CVE that has not yet been assigned an ID. We will update this post to provide more information when available. Please check back for updates.
- Resolution of a problem that caused Ethernet-enabled devices to receive a non-random MAC address after OS recovery to 20.07 (via the azsphere device recover command).
- Resolution of an issue with the system time not being maintained with RTC and battery.
- Changes to WifiConfig_GetNetworkDiagnostics to return AuthenticationFailed in a manner consistent with 20.06 and earlier. This change fixes the issue mentioned for the 20.07 release.
- Improvements to Networking_GetInterfaceConnectionStatus to more accurately reflect the ConnectedToInternet state.
- Updated the Linux kernel to 5.4.54.
For hardware manufacturers:
The 20.08 release also contains important improvements for hardware manufacturers. These changes support greater flexibility in the manufacturing process and improved stability for customers.
We’ve updated the EEPROM configuration file , which is used with the command-line FT_PROG tool, to:
- Disable Virtual COM ports to improve the stability of device-to-PC communications and reduce the number of PC crashes.
- Supply unique serial numbers that start with ‘AS’ to distinguish Azure Sphere devices from other USB Serial Converters that may be present on the same PC.
We strongly recommend that you use the updated configuration file to program your devices.
The documentation now also shows how to program the FTDI EEPROM on multiple boards in parallel. See the MCU programming and debugging interface topic for details.
Sample Applications
We are also releasing three new sample applications on Friday, 8/21. We will update this post to provide a direct link when they are available. Please check back on Friday.
- wolfSSL Sample for client-side TLS APIs – demonstrates using wolfSSL for SSL handshake in a high-level application.
- Low power MCU-to-cloud reference solution –demonstrates how you might connect an external MCU to an Azure Sphere device and send data to IoT Central. This reference solution is optimized for low power scenarios.
- Error reporting tutorial – demonstrates how to use error reporting features on the Azure Sphere platform.
For more information
For more information on Azure Sphere OS feeds and setting up an evaluation device group, see Azure Sphere OS feeds.
If you encounter problems
For self-help technical inquiries, please visit Microsoft Q&A or Stack Overflow. If you require technical support and have a support plan, please submit a support ticket in Microsoft Azure Support or work with your Microsoft Technical Account Manager. If you would like to purchase a support plan, please explore the Azure support plans.
by Scott Muniz | Aug 19, 2020 | Azure, Microsoft, Technology, Uncategorized
This article is contributed. See the original author and article here.
This blog post continues the series about Azure Security Center threat protection for SQL IaaS VMs. As you learnt in this blog post, Azure Security Center protects SQL servers hosted on either Azure VMs, Azure Arc and on-premises. This post will focus on SQL running on-premises and how to leverage ASC threat protection for SQL in this type of scenario.
SQL Server running on-premises
If your SQL server is installed in a Windows machine, located on-premises Windows and without Azure Arc, you really have two options for connecting it to Azure:
- Deploy Azure Arc
- Connect Windows machines to Azure Security Center without Azure Arc using Log Analytics agent.
Deploying Azure Arc
You can connect any Windows machine to Security Center, however, Azure Arc provides deeper integration across all your Azure environment. If you set up Azure Arc, you will see the SQL Server – Azure Arc page in the portal and your security alerts will appear on a dedicated Security tab on that page. The first and recommended option is to set up Azure Arc on the host. Please refer to this blog post for SQL VMs hosted on Azure Arc.
Connect Windows machines to Azure Security Center without Azure Arc
Security Center can monitor the security posture of non-Azure computers, but you need to first onboard these resources. If you choose to connect a SQL Server running on a Windows machine without using Azure Arc, you can use the option Add non-Azure servers from the Getting started blade or from the Compute blade as shown in ‘Image 1 & 2’.
Image 1: Add Non-Azure Servers
Image 2: Onboard servers to Security Center
You will be redirected to Direct Agent page from where you can install appropriate Windows Agent.
TIP: You can connect any on-premises machine to Azure Security center by manually installing Log Analytics agent to extend the Security Center capabilities to servers running outside of Azure be it in on-premises or in other clouds. Just make sure the on-premises machine (In our scenario, SQL server) is connected to the relevant log analytics workspace. You can check this by navigating to Log Analytics workspace > Advanced settings > Connected sources > Choose either Windows/Linux server, as shown in ‘Image 3’.
Image 3: Confirmation of Connected Sources
Once you have the Log Analytics agent installed, Azure Security Center will start scanning the machines and flag prioritized list of recommendations accordingly, if not configured according to security best practices.
Note: for Step-by-Step instructions to onboard a non-azure computer, please refer to this article.
Validating SQL threat detection
When Azure Security Center identifies the pre-attack you should be able to view the alert in the Security alerts section as shown in ‘Image 4’
Note: Make sure you have non-azure environment selected from the Filter.
Image 4: Security Alerts snapshot
Conclusion
Alerts are designed to be self-contained, with detailed remediation steps and investigation information in each one. You can investigate further by using Azure Security Center and Azure Sentinel capabilities for a broader view:
- Enable SQL Server’s auditing feature for further investigations. If you are an Azure Sentinel user, you can upload the SQL auditing logs from the Windows Security Log events to Sentinel and enjoy a rich investigation experience. Learn more about SQL Server Auditing.
- To improve your security posture, use Security Center’s recommendations for the host machine indicated in each alert. This will reduce the risks of future attacks.
What are you waiting for? Go ahead, leverage Azure Security Center to protect your SQL IaaS VMs.
Special thanks to:
Yuri Diogenes, Senior PM, CxE Security – ASC Team for reviewing this post.
Recent Comments