Technology Archives - Page 418 of 1271 - Dr. Ware Technology Services

News About the June 2021 Cumulative Update for Exchange Server

by Contributed | Jun 11, 2021 | Technology

This article is contributed. See the original author and article here.

We typically release our quarterly Cumulative Updates (CUs) for Exchange Server on the third Tuesday of a month. In June 2021, that would be June 15^th. Today we want to let you know that the June CUs for Exchange Server will be released two weeks later, on June 29^th instead. In addition to bug fixes and incorporating previous Security Updates (SUs) for Exchange Server, we are taking a little bit of extra time to finish adding a new security feature to Exchange Server.

Today’s Security Landscape

Security is a top priority for Microsoft and our customers, especially as cyberattacks increase in frequency and level of sophistication. The cybersecurity landscape has fundamentally changed, as evidenced by large-scale, complex attacks, and signals that phishing and human-operated ransomware are on the rise. Microsoft is now actively tracking more than 40 nation-state actors and over 140 threat groups across 20 countries—a number that used to be a handful. More than ever, it is critical to keep your on-premises infrastructure secure and up-to-date, including all your Exchange servers. This is a continuous process in which you:

Use the Exchange Server Health Checker script to inventory your Exchange servers.

Use the Exchange Update Wizard to get steps for installing the latest updates on your Exchange server(s).

This past March, we released SUs for critical vulnerabilities in Exchange Server, and we actively worked through our customer support teams, third-party hosters, and our partner network to help customers secure their environments and respond to associated threats from the attacks occurring against on-premises Exchange Server. In addition to releasing the one-click Exchange On-Premises Mitigation Tool (EOMT) last March, we also released automatic mitigation for Exchange Server in Microsoft Defender Antivirus and System Center Endpoint Protection. As with EOMT, these were interim mitigations designed to help protect customers who needed extra time to install the available SU.

When the June CU is released on June 29^th, only the March and June CUs will be supported for any future Exchange Server SUs. If you are not yet running the March CU, now is a great time to get current.

Introducing Exchange Server integration with AMSI

In response to the fast-changing threat landscape, in the June CUs for Exchange 2016 and Exchange 2019, we are introducing integration between Exchange Server and the Windows Antimalware Scan Interface (AMSI). AMSI exists in Windows Server 2016 and later, and the new integration is available in Exchange 2016 and Exchange 2019 when running on either of those operating systems. For Exchange 2016, AMSI integration is available only when running on Windows Server 2016. It is not available for Exchange 2016 running on Windows Server 2012 or Windows Server 2012 R2.

AMSI integration in Exchange Server provides the ability for an AMSI-capable antivirus/antimalware solution to scan content in HTTP requests sent to Exchange Server and block a malicious request before it is handled by Exchange Server. The scan is performed in real-time by any AMSI-capable antivirus/antimalware solution that runs on the Exchange server as the server begins to process the request. This provides automatic mitigation and protection which compliments the existing antimalware protection in Exchange Server to make your Exchange servers more secure than ever.

The AMSI integration in Exchange Server works with any AMSI-capable anti-virus/antimalware solution. By default, Microsoft Defender Antivirus (MDAV), an AMSI-capable solution, is automatically enabled and installed on endpoints and devices that are running Windows 10 and Windows Server 2016 and later. If you haven’t installed an antivirus/antimalware application, Exchange Server AMSI integration will work with MDAV. If you install and enable another antivirus/antimalware app, MDAV will automatically turn off. And if that other app is AMSI-capable, the Exchange Server integration will work with that app. If you uninstall the other app, MDAV will automatically turn back on, and the Exchange Server integration will work with MDAV.

There are specific benefits when using MDAV on Exchange Server:

MDAV dynamically fetches signatures that match malicious content. If Microsoft learns about an exploit that can be blocked, a new MDAV signature can be deployed to block the exploit from affecting Exchange.

Leveraging existing technology to add signatures for malicious content;

Leveraging the expertise of Microsoft’s malware research team for adding signatures;

Applying best practices that Defender already applies for adding other signatures.

We are working hard and are excited to deliver this new AMSI integration to you later this month on June 29th. Thank you for your patience!

–The Exchange Team

Azure Marketplace new offers – Volume 145

by Contributed | Jun 11, 2021 | Technology

This article is contributed. See the original author and article here.

We continue to expand the Azure Marketplace ecosystem. For this volume, 78 new offers successfully met the onboarding criteria and went live. See details of the new offers below:

Applications
	Aidemy Premium Plan Cloud AI Course: The Cloud AI Development Course provides Microsoft Azure environments and datasets from Microsoft Japan along with content creation cooperation to help you learn about data science in practice. This offer is available only in Japanese.
	Alitek Watch Power Automate Management Console: Alitek Watch provides notifications, monitoring, tracking, and analysis of flows to enhance the capabilities of Microsoft Power Automate and improve ROI. With Alitek Watch, flows are logically categorized into process groups where responders can be assigned to resolve flow errors.
	Ampliphae SaaSGuard: Tired of using time-consuming spreadsheets and manual audits to manage your SaaS applications? Ampliphae SaaSGuard takes the risk out of using cloud-delivered SaaS applications by identifying and securing all SaaS applications in use across your organization.
	Apache Web Server with AlmaLinux 8: Cognosys provides this preconfigured image of Apache HTTP Server 2.4.37 with AlmaLinux 8. Apache HTTP Server is one of the most popular web servers on the Internet, and AlmaLinux OS is an open-source project designed to fill the gap left by the demise of the CentOS stable release.
	Blackbaud GrantsConnect: Blackbaud’s GrantsConnect helps corporations and corporate foundations streamline their grants and sponsorships programs from online applications through payment processing. Easily create and manage grant review workflows, develop applications and forms, and pull ad-hoc reports.
	Caloudi VM 2.3: Caloudi’s VM 2.3 contains AI prediction modules and preconfigured environments with specified application versions. This VM environment is specialized for clients who have already contacted Caloudi for cloud migration.
	Cryptosense Analyzer License Management Server: Cryptosense Analyzer Platform (CAP) integrates with Microsoft Azure Key Vault to deliver powerful insights into how you use cryptography. CAP enables security architects and compliance teams to ensure sensitive data remains protected when it is deployed in the public cloud.
	Data Governance and Data Catalog: OvalEdge uses machine learning and advanced algorithms to automatically organize and catalog your data so that it is easily retrievable with everyday language. Empower your teams to find, organize, and secure relevant data.
	Databunker server ready + support from Linnovate: Databunker on Microsoft Azure provides strong personal-data protection for your customer records without expensive custom coding. The easy-to-manage, cloud-ready solution provides secure storage, privacy compliance, and user privacy controls.
	Docker CE with AlmaLinux 8: Cognosys provides this preconfigured image of Docker Community Edition (CE) with AlmaLinux 8. Docker CE is ideal for developers and small teams looking to get started with Docker and experimenting with container-based apps.
	factoHR – Touchless Time & Attendance Management: factoHR is a mobile-driven time and attendance platform that enables businesses to automate their daily HR functions while delivering actionable insights to help organizations achieve business objectives faster.
	GlobalLinker Platform: DigiVation World’s GlobalLinker on Microsoft Azure is an AI-driven platform for connecting SMEs across the world to help users achieve their business goals.
	HxGN Connect: Hosted on Microsoft Azure, HxGN Connect is a cloud-native collaborative workspace that brings data and people into a unified view for shared awareness, collaboration, and action. See and act on shared data to solve today’s problems together with HxGN Connect.
	HYAS Insight for Microsoft Azure Sentinel: HYAS Insight for Microsoft Azure Sentinel is a threat investigation and attribution solution that uses exclusive data sources and non-traditional mechanisms to improve visibility and productivity for analysts, researchers, and investigators.
	IN-D.ai – Coding and Claims Automation: IN-D Coding and Claims Automation uses artificial intelligence to classify documents based on provider and document type, digitize scanned documents, and automate invoice data extraction and ICD10 and CPT coding.
	Jenkins with AlmaLinux 8: This preconfigured image from Cognosys provides Jenkins with AlmaLinux 8. Written in Java, Jenkins is an open-source tool that provides continuous integration services for software development.
	LAMP with AlmaLinux 8: Cognosys provides this preconfigured image of LAMP with AlmaLinux 8. LAMP is an archetypal model of web service solution stacks, named as an acronym of its original components: Linux OS, Apache HTTP Server, MySQL relational database management system, and the PHP programming language.
	MariaDB 10 with Red Hat 8.3: Cognosys provides this preconfigured image of MariaDB 10.3.27 with Red Hat 8.3. MariaDB Server is a popular open-source relational database created by the original developers of MySQL.
	Nastel Navigator: Nastel Navigator delivers web-based administration and control of Apache Kafka, IBM MQ, and Tibco EMS to dramatically reduce the operational risk of delivering a multi-cloud digital strategy. Features include automated audited deployment, secure DevOps self-service, and full lifecycle management.
	NewCOS for Managed Voice: Available only in Spanish, NewCOS helps organizations optimize the management of unified communications solutions, including Microsoft Teams and Skype for Business. Increase productivity and reduce costs with a comprehensive, trusted communications platform.
	NGINX with AlmaLinux 8: Cognosys provides this preconfigured image of NGINX with AlmaLinux 8. NGINX is an all-in-one API gateway, cache, load balancer, web application firewall, and web server. Use NGINX instead of a hardware load balancer to innovate without infrastructure constraints.
	Ondato Facial Biometric Authentication: Ondato’s biometric authentication tool on Microsoft Azure helps businesses remotely and automatically validate returning customers’ identities and grant them access to services while meeting personal data protection laws.
	Ondato Secure Remote Meetings: Ondato’s Secure Remote Meetings solution enables you to keep your virtual meeting, conference, or event protected from unwanted intruders and background monitoring by using fully automated authentication tools.
	OpenJDK 11 with AlmaLinux 8: This preconfigured image from Cognosys provides OpenJDK 11.0.10 with AlmaLinux 8. OpenJDK (Open Java Development Kit) is an open-source implementation of the Java Platform, Standard Edition (Java SE).
	Pachyderm Enterprise License: Pachyderm Enterprise is an end-to-end data science platform built on Kubernetes and designed to enable automated machine learning workflows at scale. Deploy Pachyderm for data version control and lineage across models and experiment tracking.
	PeopleCore SaaS: Businesses need a human resources information system (HRIS) to manage their most valuable asset: their people. PeopleCore SaaS is comprehensive, customizable HRIS solution designed to help companies meet their organizational goals and requirements.
	PostgreSQL with AlmaLinux 8: Cognosys offers this preconfigured image of PostgreSQL with AlmaLinux 8. PostgreSQL is a popular open-source relational SQL database management system for developing web-based software applications.
	Project Online Task Sync App: PPM Works’ Task Sync App for Project Online delivers a simplified way to update Project tasks from anywhere using your mobile or desktop device. Save time and money with automated task updates and built-in reporting.
	RocketChat and Jitsi with support from Linnovate: An all-in-one open-source communication platform, Rocket.Chat-Jitsy server is an integrated application that combines Rocket.Chat and Jitsy to make audio and video calling, chatting, and conferencing simple and secure.
	Sally Sales Assistant: Natively integrated with Microsoft Dynamics 365, Sally is a chatbot that helps your employees find their way around the CRM system via Microsoft Teams. This application is available only in German.
	SynCloud – AI Cloud Cost Management Solution: SynCloud is an AI-powered cost management solution that enables you to discover and visualize cloud spend across your organization’s cloud services.
	TOPinFORM: Targeted to all types of fitness-related businesses, TOPinFORM is a studio management solution that facilitates the management of customers, contracts, billing, facility access, and more. This application is available only in German.
	VZOR Apps Monitor: Monitor your entire ecosystem of business applications with VZOR Apps Monitor. The solution monitors user experience and the integration layer while enabling interoperability of various applications and business platforms to help ensure operational continuity.
	VZOR Brain Monitor: An optional module of the VZOR Suite 360-Degree Platform, VZOR Brain Monitor provides early detection of incidents in monitored business services, predicts behaviors, and defines confidence thresholds. This download requires that you have VZOR Infra Monitor or Apps Monitor installed.
	VZOR Business Monitor: Centralize, integrate, and consolidate your organization’s data with VZOR Business Monitor, a comprehensive solution that enables you to capture, save, analyze, and present reports with customizable dashboards.
	Windows Server 2019 with FTP (FileZilla): Belinda CZ offers this preconfigured image of Windows Server 2019 with FileZilla, an open-source, cross-platform FTP and FTPS solution. This version of Windows Server 2019 is ideal for small and large businesses.
	WordPress with AlmaLinux 8: Cognosys provides this preconfigured image of WordPress 5.7 with AlmaLinux 8. WordPress is an open-source content management system based on PHP and MySQL.
	Zentera zCenter 6.5.2: Zentera’s secure access service edge (SASE) offering, CoIP Access Platform, delivers zero-trust network access and micro-segmentation capabilities that are critical for securing modern hybrid and multi-cloud environments.
Consulting services
	4-Week Implementation on ARO by rockPLACE: rockPLACE offers deployment services based on the Azure Red Hat OpenShift adoption plan to implement a container orchestration platform on Microsoft Azure. This service is available only in Korean.
	ACTS Azure Health Check: 2-Week Assessment: The ACTS Azure Health Check Assessment is a remote engagement that provides extended visibility into your cloud infrastructure. ACTS will assess your organization’s governance, operations, security, compliance, and cost while addressing common IT hurdles.
	AI as a Service: 6-Week Implementation: Offered as a managed service on Microsoft Azure, eCraft’s AI as a Service delivers a ready-made Microsoft Azure-based platform, templates, experts, and a standardized production process for building and operating AI solutions at scale.
	AI Strategy for Azure: 2-Hour Scoping Workshop: Define a clear artificial intelligence strategy to establish the sustainable use of Microsoft Azure data and AI services across your organization in this free workshop from Innovation Process Technology.
	App Innovate: 1-Week Assessment: In this one-week engagement, Tallan will evaluate up to five applications from a people, process, and technology perspective to ensure post-assessment recommendations meet the needs of your users. Modernize your applications with Tallan and Microsoft Azure.
	Azure Active Directory & Saviynt for Enterprise IGA: 5-Day Assessment: This assessment from Oxford Computer Group will show how Saviynt’s Identity Governance and Administration platform extends the governance functionality of Microsoft Azure Active Directory, adding intelligent access requests, risk-based access certifications, and more.
	Azure Backup Solution: 2-Hour Briefing: Available only in French, Upper-Link’s free briefing will show you how you can benefit from backing up your organization’s data, servers, and virtual machines to Microsoft Azure.
	Azure Cloud Cost Optimization: 1-Week Assessment: Navisite’s Azure Cloud Cost Optimization service delivers immediate discounts on key Microsoft Azure services, includes access to the powerful CloudCheckr tool for optimizing Azure cost and security, and provides direct access to a dedicated team of FinOps experts.
	Azure Defender for IoT: 4-Week Implementation: Quickly gain confidence in your industrial control system’s cybersecurity environment and boost your IoT projects’ time to market with Smartis’s implementation of Microsoft Azure Defender for IT.
	Azure DevOps Maturity: 4-Week Assessment: Sourced Group’s Azure DevOps Maturity Assessment is designed for those responsible for your engineering processes, operational compliance, and innovative enablement. Gain a competitive edge and release applications faster while boosting security and quality.
	Azure DevSecOps: 5-Week Implementation: Using its iterative DevACT (assess, consult, transform) framework, Mastek will partner with you to build a DevSecOps roadmap to drive organizational transformation across people, processes, and technology.
	Azure Infrastructure Audit: 3-Day Assessment: In this three-day assessment, ODM Computers will evaluate your organization’s Windows Server infrastructure to determine the next steps for optimizing the environment using Microsoft Azure services. This offer is available only in Spanish.
	Azure Managed Services: 1-Week Assessment: Navisite offers a robust set of managed services for Microsoft Azure, including architecture design, migration plan creation, testing and execution, and production implementations, to help you optimize your Azure investment.
	Azure Migration Audit: 4-Day Assessment: Looking to migrate your business applications and services to Microsoft Azure? Available only in Spanish, ODM Computers’ four-day assessment will identify elements that can be successfully migrated or transformed.
	Azure Secure Score: 8-Week Implementation: Razor Technology offers support and consulting services using the Secure Score feature in Microsoft Azure Security Center to prioritize, triage, and track your company’s security landscape. Quickly improve identity, threat protection, and compliance across your organization.
	Build Your IoT Vision: 10-Week Implementation: In this 10-week engagement, MaibornWolff will work with your team to design and implement a production-ready IoT solution based on Microsoft Azure IoT.
	Cisco Cloud ACI on Azure: 3-Week Implementation: Extend the capabilities of Cisco Application Centric Infrastructure (ACI) to Microsoft Azure in this three-week implementation from Logicalis. Easily achieve business continuity and disaster recovery mandates while enabling consistent policy, security, and operations in your hybrid multi-cloud environment.
	Cloud Computing: 10-Day Implementation: Devoteam Alegri’s 10-day implementation will help ensure you meet your pharmaceutical or healthcare organization’s compliance requirements using Microsoft Azure services. This offer is available only in German.
	Cloud Navigator: 1-Day Assessment: Available only in German, Orange Networks’ Cloud Navigator assessment will demonstrate how you can use Microsoft Azure PaaS services, Microsoft Power BI, and PowerShell to manage your compliance processes. Deliverables include recommendations for action and clearly defined next steps.
	Cloud Strategy for Azure: 2-Hour Scoping Workshop: This free workshop from Innovation Process Technology will help you define your organization’s cloud strategy and establish a sustainable Microsoft Azure environment customized to your business needs.
	Cloud Z DB: 2-Week Implementation: SK will implement its Cloud Z DB solution, a dedicated management database as a service (DBaaS) platform providing a variety of features suitable for enterprise environments. This service is available only in Korean.
	Data & AI: 2-Day Strategy Assessment: The Data Analysis Bureau offers this assessment to guide you on your AI, data, and analytics journey with the implementation of Microsoft Azure services. Deliverables include an action plan with clearly defined next steps to start a proof of concept or pilot your initial data concepts in Azure.
	Data Analytics with Azure Synapse Analytics: 1-Hour Briefing: Learn how a modern data analytics solution using Microsoft Azure Synapse Analytics and Power BI can accelerate your business intelligence and reporting solutions in this free briefing from The Unbelievable Machine Company.
	Data Envision: 2-Day Workshop: Crayon will meet with your decision makers to enhance their understanding of Microsoft Azure services; identify opportunities, advantages, and risks in your organization’s data strategy; and deliver a strategic roadmap and recommendations for implementation.
	Data Governance & Protection: 1-Week Implementation: Optiv Security’s data governance and protection implementation will help your business improve Microsoft Azure security safeguards, reduce risk through effective data control and visibility, secure data with automated labeling and set policies, and more.
	Data Liberation Network – 4-Week Implementation: Scamander Solutions will implement its Data Liberation Network, a secure, scalable data-based network built on Microsoft Azure, in this four-week engagement. This service is available only in Dutch.
	Data Strategy: 2-Week Assessment: Tallan’s two-week assessment will give you a robust view of your current data strategy, along with recommendations to help your organization succeed with Microsoft Azure services for your data analytics and business goals.
	DBA as a Service: 1-Month Implementation: Whether you have an on-premises, hybrid, or cloud-based ERP solution, AccTech Systems’ DBA as a Service offering helps you manage and monitor any ERP data platform running on Microsoft Azure infrastructure.
	Developing an End2End Cloud Strategy: 5-Week Workshop: In this comprehensive five-week workshop, MaibornWolff will walk you through the seven spheres of a successful cloud journey: infrastructure, applications, methodology, organization, business, security, and governance.
	DevOps: 1-Week Assessment: Credera’s assessment includes a review of your DevOps processes and maturity level along with your current Microsoft Azure DevOps and GitHub Enterprise tooling. Credera then provides a comprehensive DevOps analysis covering critical success factors, an implementation roadmap, and more.
	DevOps: 2-Day Workshop: Credera’s two-day workshop includes a briefing on current DevOps technologies, a review of your DevOps understanding and usage, and the identification of prioritized opportunities for DevOps optimization using Microsoft Azure DevOps and GitHub Enterprise in your organization.
	Migrate SAP to Azure: 10-Week Implementation: Realtech offers end-to-end migration services for any business looking to migrate its existing or new SAP environments to Microsoft Azure. This service includes all aspects of planning and coordination to ensure a successful migration.
	Modernize Data Platform: 4- to 8-Week Implementation: Get insights on any data and take advantage of the flexibility to build and deploy machine learning models on-premises or in the cloud with this Microsoft Azure-based data platform implementation from Officeline.
	Moodle LMS: 5-Day Implementation: Information Technology of Egypt will implement Moodle on Microsoft Azure according to your organization’s requirements. Moodle is a learning management system (LMS) designed to make creating long-distance education, training, and other online learning programs easier to set up and use.
	SAP to Azure Migration: 2-Week Assessment: Based on the Microsoft Cloud Adoption Framework for Azure, BGP Management Consulting’s SAP to Microsoft Azure assessment will identify the cloud adoption path that best fits your business, define a migration strategy and plan, and optimize your SAP workload.
	SAS Viya Deployment in Azure: 1-Hour Assessment: Learn how your business can benefit from moving its SAS Viya data platform to Microsoft Azure in this free assessment from Analytium. Topics include migration readiness, architecture options, and migration strategies.
	Virtual Desktop & Productivity: 1-Week Proof of Concept: IFI Techsolutions’ free proof of concept provides insight into how you can modernize your organization with Windows Virtual Desktop, enabling employees to access data and applications remotely. Deliverables include support documentation and recommendations for next steps.
	Windows Virtual Desktop: 4-Day Proof of Concept: ODM Computers’ experts will deploy the infrastructure for the Windows Virtual Desktop service, enabling you to test an application, see how the virtual desktop solution works, and determine how much it would cost to implement.
	Workload Assessment: 6-Day Assessment: New Signature will review your application and infrastructure estate to determine whether each application should be rehosted, refactored, rebuilt, rearchitected, retired, or replaced.
	wSOC: 6-Week Implementation: Wragby Business Solutions & Technologies offers this six-week implementation of the Wragby Security Operations Center (wSOC), a suite of modern and intelligent security solutions built on Microsoft Azure that provide increased security for remote workers.

Friday Five: Endpoint Manager, Azure Monitor, More!

by Contributed | Jun 11, 2021 | Technology

This article is contributed. See the original author and article here.

MDM policy processing on Windows 10 with Microsoft Endpoint Manager, a closer look

Kenneth van Surksum is an Enterprise Mobility MVP from The Netherlands. Kenneth works as a modern workplace consultant at Insight24 and specializes in building modern workplace solutions on top of Microsoft 365. Kenneth is co-founder of the Windows Management User Group Netherlands (WMUG_NL), which recently rebranded to the Workplace Ninja User Group Netherlands, and organizes (virtual) community meetings on a regular basis. Kenneth loves to speak about technical topics related to his daily work. Kenneth is Microsoft Certified Trainer and has multiple certifications, including the VMware vExpert award. For more, check out Kenneth’s Twitter @kennethv

Step by Step Manage Windows Server in Azure with Windows Admin Center

Robert Smit is an EMEA Cloud Solution Architect at Insight.de and is a current Microsoft MVP Cloud and Datacenter as of 2009. Robert has over 20 years of experience in IT with experience in the educational, healthcare and finance industries. Robert’s past IT experience in the trenches of IT gives him the knowledge and insight that allows him to communicate effectively with IT professionals. Follow him on Twitter at @clusterMVP

Does your Application use deprecated features of SQL Server or SQL Azure?

Sergio Govoni is a graduate of Computer Science from “Università degli Studi” in Ferrara, Italy. Following almost two decades at Centro Software, a software house that produces the best ERP for manufacturing companies that are export-oriented, Sergio now manages the Development Product Team and is constantly involved in several team projects. For the provided help to technical communities and for sharing his own experience, since 2010 he has received the Microsoft Data Platform MVP award. In 2011, he contributed to writing the book: SQL Server MVP Deep Dives Volume 2. Follow him on Twitter or read his blogs in Italian and English.

Azure Monitor Insights for Arc enabled Kubernetes Clusters anywhere

James van den Berg has been working in ICT with Microsoft Technology since 1987. He works for the largest educational institution in the Netherlands as an ICT Specialist, managing datacenters for students. He’s proud to have been a Cloud and Datacenter Management since 2011, and a Microsoft Azure Advisor for the community since February this year. In July 2013, James started his own ICT consultancy firm called HybridCloud4You, which is all about transforming datacenters with Microsoft Hybrid Cloud, Azure, AzureStack, Containers, and Analytics like Microsoft OMS Hybrid IT Management. Follow him on Twitter @JamesvandenBerg and on his blog here.

Teams Real Simple with Pictures: Setting up Supervised Chat in Microsoft Teams

Chris Hoard is a Microsoft Certified Trainer Regional Lead (MCT RL), Educator (MCEd) and Teams MVP. With over 10 years of cloud computing experience, he is currently building an education practice for Vuzion (Tier 2 UK CSP). His focus areas are Microsoft Teams, Microsoft 365 and entry-level Azure. Follow Chris on Twitter at @Microsoft365Pro and check out his blog here.

How to setup File system storage utilization alert rule for web apps

by Contributed | Jun 11, 2021 | Technology

This article is contributed. See the original author and article here.

As following document indicated, File System Usage is a new metric being rolled out globally, no data is expected unless your app is hosted in an App Service Environment.

https://docs.microsoft.com/en-us/Azure/app-service/web-sites-monitor#understand-metrics

Therefore you may not use this metric for alert rule currently, even you can see this metric in alert rule setting UI.

As a workaround, we can create a WebJob to call following rest api that can get app service plan “File System storage’ utilization and then sent an email if met exceed usage situation.

https://management.azure.com /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Web/serverfarms/{app service plan name}/usages?api-version=2019-08-01

Here is my demo steps for your reference.

1.In order to call resource manager rest api, firstly I created service principal that can access resources.

Sign in to Azure Account through the Azure portal->Select Azure Active Directory->Select App registrations->Select New registration.

To access resources in subscription, assign the application to a role as contributor role.

Select the particular subscription that include your app service plan to monitor.

Select Access control(IAM)->Add role assignment, add the contributor role to application.

Get values for signing in.
Select Azure Active Directory->From App registrations in Azure AD, select your application.
Copy the Directory(tenant)ID and Application(client) ID and will use it later.

At this App registration, Create a new application secret, select Certificates & secrets->Select Client secrets -> New client secret.

Also copy this secret for later use.

For more details for above steps, please refer below link:

https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal

2.Create a new C# .net Core Console app in the visual studio for the web job development.

Install the latest stable 3.x version of the Microsoft.Azure.WebJobs.Extensions NuGet package, which includes Microsoft.Azure.WebJobs.

Here’s the Package Manager Console command for version 3.0.2:

Install-Package Microsoft.Azure.WebJobs.Extensions -version 3.0.2

Install the Active directory authentication package in Visual Studio.
The package is available in the NuGet Gallery.

Get an access token for the app in C# program.
In program.cs, add an assembly reference for the ActiveDirectory identity model:

using Microsoft.IdentityModel.Clients.ActiveDirectory;

And add a method to get an access token using previously copied tenantId, applicationId and client secret.

private static async Task<string> GetAccessToken(string tenantid, string clientid, string clientsecret)
        {
            string authContextURL = "https://login.microsoftonline.com/" + tenantid;
            var authenticationContext = new AuthenticationContext(authContextURL);
            var credential = new ClientCredential(clientid, clientsecret);
            var result = await authenticationContext.AcquireTokenAsync("https://management.azure.com/", credential);

            if (result == null)
            {
                throw new InvalidOperationException("Failed to obtain the JWT token");
            }

           
           return result.AccessToken;
        }

Now everything is set to make REST calls defined in the Azure Resource manager REST API.
We can add a method to call a following GET REST API for app service plan “File System storage’ utilization with the token gotten by above method and calculate if the current usage exceed limit.

https://management.azure.com/subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Web/serverfarms/{appserviceplan}/usages?api-version=2019-08-01

private static bool GetUsage(string URI, String token)
        {
            Uri uri = new Uri(String.Format(URI));

            // Create the request
            var httpWebRequest = (HttpWebRequest)WebRequest.Create(uri);
            httpWebRequest.Headers.Add(HttpRequestHeader.Authorization, "Bearer " + token);
            httpWebRequest.ContentType = "application/json";
            httpWebRequest.Method = "GET";

            // Get the response
            HttpWebResponse httpResponse = null;
            try
            {
                httpResponse = (HttpWebResponse)httpWebRequest.GetResponse();
            }
            catch (Exception ex)
            {
                Console.WriteLine(ex.ToString());
                return false;
            }

            string result = null; 
            using (var streamReader = new StreamReader(httpResponse.GetResponseStream()))
            {
                result = streamReader.ReadToEnd();
            }
            Int64 currentvalue = Convert.ToInt64(JObject.Parse(result).SelectToken("value[10].currentValue").ToString());
            Int64 limit = Convert.ToInt64(JObject.Parse(result).SelectToken("value[10].limit").ToString());
            if (currentvalue > limit)//You can set your condition as your requirement
                return true;
            else
                return false;
}

Then in the execute method, will send email if the usage exceed. In this method I used SendGrid to implement emailing feature.

For more details regarding SendGrid configuration, please refer following link:
https://docs.microsoft.com/en-us/azure/sendgrid-dotnet-how-to-send-email

public static void Execute()
        {
            string tenantId = "yourtenandid";
            string clientId = "yourclientid";
            string clientSecret = "yourclientsecret";
            string restapiurl = "https://management.azure.com/subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Web/serverfarms/{appserviceplan}/usages?api-version=2019-08-01";

            var token = GetAccessToken(tenantId,clientId,clientSecret).Result;
            if (GetUsage(restapiurl, token))
            {
                var apiKey = ConfigurationManager.AppSettings["AzureWebJobsSendGridApiKey"].ToString();
                var client = new SendGridClient(apiKey);
                var msg = new SendGridMessage()
                {
                    From = new EmailAddress("loshen@microsoft.com", "DX Team"),
                    Subject = "henry",
                };
                msg.AddTo(new EmailAddress("loshen@microsoft.com", "Test User"));
                msg.AddContent("text/html", "<html><body>There is Alert for File sytem usage.</body></html>");
                var response = client.SendEmailAsync(msg).Result;
            }
                
        }

The complete code for program.cs would be like this:

using System;
using System.IO;
using System.Threading.Tasks;
using SendGrid;
using SendGrid.Helpers.Mail;
using System.Net;
using System.Configuration;
using Microsoft.IdentityModel.Clients.ActiveDirectory;
using Newtonsoft.Json;
using Newtonsoft.Json.Linq;

namespace HenryWebJob
{
    class Program
    {
        
        
        static void Main()
        {
            Execute();
        }
        public static void Execute()
        {
            string tenantId = "yourtenandid";
            string clientId = " yourclientid ";
            string clientSecret = "yourclientsecret";
            string restapiurl = " https://management.azure.com/subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Web/serverfarms/{appserviceplan}/usages?api-version=2019-08-01";

            var token = GetAccessToken(tenantId,clientId,clientSecret).Result;
            if (GetUsage(restapiurl, token))
            {
                var apiKey = ConfigurationManager.AppSettings["AzureWebJobsSendGridApiKey"].ToString();
                var client = new SendGridClient(apiKey);
                var msg = new SendGridMessage()
                {
                    From = new EmailAddress("loshen@microsoft.com", "DX Team"),
                    Subject = "henry",
                };
                msg.AddTo(new EmailAddress("loshen@microsoft.com", "Test User"));
                msg.AddContent("text/html", "<html><body>There is Alert for File sytem usage.</body></html>");
                var response = client.SendEmailAsync(msg).Result;
            }
                
        }

        private static async Task<string> GetAccessToken(string tenantid, string clientid, string clientsecret)
        {
            string authContextURL = "https://login.microsoftonline.com/" + tenantid;
            var authenticationContext = new AuthenticationContext(authContextURL);
            var credential = new ClientCredential(clientid, clientsecret);
            var result = await authenticationContext.AcquireTokenAsync("https://management.azure.com/", credential);

            if (result == null)
            {
                throw new InvalidOperationException("Failed to obtain the JWT token");
            }

           
           return result.AccessToken;
        }
        private static bool GetUsage(string URI, String token)
        {
            Uri uri = new Uri(String.Format(URI));

            // Create the request
            var httpWebRequest = (HttpWebRequest)WebRequest.Create(uri);
            httpWebRequest.Headers.Add(HttpRequestHeader.Authorization, "Bearer " + token);
            httpWebRequest.ContentType = "application/json";
            httpWebRequest.Method = "GET";

            // Get the response
            HttpWebResponse httpResponse = null;
            try
            {
                httpResponse = (HttpWebResponse)httpWebRequest.GetResponse();
            }
            catch (Exception ex)
            {
                Console.WriteLine(ex.ToString());
                return false;
            }

            string result = null; 
            using (var streamReader = new StreamReader(httpResponse.GetResponseStream()))
            {
                result = streamReader.ReadToEnd();
            }
            Int64 currentvalue = Convert.ToInt64(JObject.Parse(result).SelectToken("value[10].currentValue").ToString());
            Int64 limit = Convert.ToInt64(JObject.Parse(result).SelectToken("value[10].limit").ToString());
            if (currentvalue < limit)//You can set your condition as your requirement
                return true;
            else
                return false;
        }
    }
}

Then schedule the webjob as every 5 minutes with Settings.job file.

{
  "schedule": "0 */5 * * * *"


  //    Examples:

  //    Runs every minute
  //    "schedule": "0 * * * * *"

  //    Runs every 15 minutes
  //    "schedule": "0 */15 * * * *"

  //    Runs every hour (i.e. whenever the count of minutes is 0)
  //    "schedule": "0 0 * * * *"

  //    Runs every hour from 9 AM to 5 PM
  //    "schedule": "0 0 9-17 * * *"

  //    Runs at 9:30 AM every day
  //    "schedule": "0 30 9 * * *"

  //    Runs at 9:30 AM every week day
  //    "schedule": "0 30 9 * * 1-5"
}

Publish the webjob to an webapp

In Solution Explorer, right-click the project and select Publish.

Then go the webapp->WebJobs, can see webjob running as scheduled.

For more details regarding webjob, can refer following link:

https://docs.microsoft.com/en-us/azure/app-service/webjobs-sdk-get-started

Managed Instance – WASDRGTenantMonitoringRO and xtsuser logins

by Contributed | Jun 11, 2021 | Technology

This article is contributed. See the original author and article here.

If you look at the logins for a Managed Instance, you will notice two logins
that are created by default for any Managed Instance: WASDRGTenantMonitoringRO
and xtsuser (which is actually disabled). These logins are part of the internal role
Microsoft creates for DevOps purposes. These roles only have CONNECT and VIEW
SERVER STATE permissions, don’t have access to your data, and have no ability to
make any modifications.

https://testfabrikstorage001.blob.core.windows.net/adp300/Azure_SQL_Revealed.pdf

Regards, Paloma.-

« Older Entries

Next Entries »

News About the June 2021 Cumulative Update for Exchange Server

Today’s Security Landscape

Introducing Exchange Server integration with AMSI

Azure Marketplace new offers – Volume 145

Applications

Consulting services

Friday Five: Endpoint Manager, Azure Monitor, More!

How to setup File system storage utilization alert rule for web apps

Managed Instance – WASDRGTenantMonitoringRO and xtsuser logins

Recent Posts

Recent Comments

Archives

Categories

Meta

We look forward to meeting you