Azure Stack – Write Written

Microsoft Azure is an ever-expanding set of cloud services to help your organization meet your
business challenges. It’s the freedom to build, manage, and deploy applications on a massive, global
network using your favorite tools and frameworks.

Microsoft Azure is one of the most powerful public cloud platforms available today, but Azure can be limiting when scaling,or in complying with data residency regulations. Microsoft Azure Stack enables you to use the full functionality of Azure withthe benefit of high-performance dedicated resources in a private environment. Using Microsoft Azure Stack, data residency regulations are no longer an obstacle as you know exactly where your data and workloads are hosted.
As a Microsoft Gold Partner, we can help you transition the right workloads to Microsoft Azure Stack. With an extensive set of platform services and consistent DevOps tools across Azure platforms, your development team can build applications that can be easily deployed and scaled. The familiar environment of Azure reduces your teams’ learning curve while helping your business become even more flexible.

Key Features PaaS Functionalities
Microsoft Azure has an extensive set of Platform as a Service (PaaS) features that enable your business to
operate with higher efficiency and agility. Service Fabric, Container Services and SQL Databases are just a
handful of the many tools available to improve your business performance.

Data Residency
Host Microsoft Azure Stack in our EU-based data centers so you know the location of your data and that it’s safe.
Our data centers are third-party certified and have extensive security measures in place. Additionally, our
vigilance around GDPR compliance ensures your solution will conform to the latest requirements.Dedicated Resources

Microsoft Azure Stack uses high-performance dedicated resources that work only for your processes and
workloads. This makes sure your mission-critical workloads run at optimal speed.
Hybrid Ready
Our Microsoft Azure Stack Private Cloud solution gives you a truly consistent hybrid-cloud experience across
Azure platforms. Develop, test and deploy workloads locally or in the cloud, based on the most suitable platform
for your business requirements with unmatched flexibility and control.
Microsoft has stated that, per the USA Patriot Act, the US government could have access to the data even if the hosted company is not American and the data resides outside the USA.[30] However, Microsoft Azure is compliant with the E.U.
Data Protection Directive (95/46/EC).[31][32][contradictory] To manage privacy and security-related concerns, Microsoft has created a Microsoft Azure Trust Center,[33] and Microsoft Azure has several of its services compliant with several compliance programs including ISO 27001:2005 and HIPAA. A full and current listing can be found on the Microsoft Azure Trust Center Compliance page.[34] Of special note, Microsoft Azure has been granted JAB Provisional Authority to Operate (P-ATO) from the U.S. government in accordance with guidelines spelled out under the Federal Risk and Authorization

Management Program(FedRAMP), a U.S. government program that provides a standardized approach to security
assessment, authorization, and continuous monitoring for cloud services used by the federal government.
the old approach of storing all your data and software in your own server tower. Now devices are shrinking to
become more mobile, and they are becoming less like local processors and more like portals onto distant files
and applications. The cloud, whether it’s your own private cloud or some third-party datacenter, is what you’re
reaching into these portals to access. A lot of what cloud providers offer comes in the form of software
subscriptions, or SaaS—that’s Software as a Service—like Microsoft’s Office 365 suite. But if you want to build or
host applications in the cloud, you’ll want a service like Azure.
Microsoft categorizes Azure services under four main headings:
Cloud Services (PaaS):
Developers can use Azure as a platform for building and deploying applications. They create the code with tools
provided by Azure, and then virtual machines execute the rules of the application using Windows Server. Since
the development and hosting tools are purchased through a subscription, Azure Cloud Services is an example of
what’s called Platform as a Service (PaaS).With Cloud Services, your application will run on virtual machines, but unlike with the Virtual Machines service (see below), Azure will install the operating system for you and continuously update it with any new patches.

You can use Cloud Services to create different roles for users—web users or workers, for instance—and it’s
really easy, as it is with all Azure tools, to scale up or down to accommodate increases or decreases in the
number of users. This type of autoscaling allows you to pay only for the computing power that actually gets
used.
Virtual Machines (IaaS):
Azure gives you the ability to create VMs simply by specifying the size and the Virtual Hard Disk (VHD) you want
to use. The VHD is the virtual version of a hard drive on a conventional computer; it’s the storage unit on which
all the files and applications are saved. Microsoft Azure provides access to both Windows and Linux VHDs, so it
accommodates developers with expertise in either. And with this service as well, you only pay according to how
much time the VM is running One of the big advantages of VMs is that developers can use them to build and test applications quickly at lowcost. You can also use VMs to augment on-site datacenters to boost the power of applications like SharePoint.
Since Azure Virtual Machines essentially gives you the computing substrate for your applications through a
service subscription, it falls into the category of Infrastructure as a Service (IaaS).
You can make use of virtualization in your on-site datacenters, but if you’re using Azure you’ll definitely be
relying on virtual machines to one extent or another. To create virtual servers on physical servers, you use
software that sets up divisions between each virtual machine (VM) and allows them all to operate
independently. What this does is add a layer of abstraction between your information and the physical
infrastructure that hosts it. This in turn gives you more flexibility in how you manage and protect the various
elements of your computing environment.
Web Sites:
You can use Azure as a platform for creating and hosting websites and web applications. Web Sites supports
several different development tools and content management systems. And it provides a low cost way to make
your site available to however many visitors use it without having to maintain or upgrade any on-site servers.
Hosting your website on Azure allows you to take advantage of autoscaling, which means your server capacity
will be automatically augmented to accommodate spikes in traffic, but it will return to normal once the spike is
over. Again, you only pay for the capacity you use.
Mobile Services (mBaaS):
Like Cloud Services, Azure’s Mobile Services give you the tools to create and deploy applications, but obviously
in this case the apps are targeted for mobile devices. The information that gets accessed by the app running on
your device is stored in what’s called a back-end database, and so Mobile Services is referred to as mobile Backendas a Service (mBaaS). With Azure, you can build apps for Android, iOS, HTML/ JavaScript, and Windows
Phone.
You get three basic advantages from using cloud platforms and infrastructure as opposed to on-site machines:
1. Quicker Development
Purchasing new servers, configuring them, and integrating them into your existing environment tends to be both
costly and time-consuming. With Azure, you can set up an application and start building it out in minutes.
2. Autoscaling
Demand for your applications may be variable throughout the year (think tax return filing software). Or you may
expect a low number of users at first followed by huge growth as your application catches on. You may even
expect usage to the decline, maybe because you’re launching another application. Scaling up with your own onsiteservers means purchasing and provisioning them to accommodate growth. And once the servers are in placeyou still have to maintain them even if they’re not being used.
3. Easier Maintenance and Backup
On-site server farms require a lot of regular upkeep: climate control, electricity, disaster recovery, backups,
security. Moving to the cloud means freeing up your IT staff so they can focus on new projects instead of routine
maintenance.
Azure Cloud Shell provides browser-based authenticated shell access to Azure from virtually anywhere. Cloud
Shell gives the users a rich environment with common tools that is updated and maintained by Microsoft.
Currently, Azure Cloud Shell provides two environments that can be launched from Azure Portal, dedicated
URL, Azure documentation, Visual Studio Code via the Azure Account extension, and Azure App:
Bash in Cloud Shell that runs Bash shell on Ubuntu Linux, which was made generally available in November 2017
PowerShell in Cloud Shell that runs Windows PowerShell 5.1 on Windows Server Core and has been in preview

since September 2017In this post, we are listing the key upcoming changes to the PowerShell experience in Azure Cloud Shell, namely:
Faster startup timePowerShell Core 6 as the default experience running on a Linux containerPersistent Tool
Settings.

Faster Startup Time
We are well-aware that the startup time of PowerShell in Azure Cloud Shell is well below the user’s expectation.
For past couple of months, the team has been working hard to make significant improvements in this area. We
expect to deliver multi-fold improvements in the startup time for PowerShell experience (and also make Bash
experience faster).
Default to PowerShell Core 6
In January 2018, PowerShell Core 6 reached its general availability (GA). With the ecosystem of PowerShell Core
6 growing, it’s the perfect opportunity to make PowerShell Core 6 the default PowerShell experience in Cloud
Shell. To support easy management of Azure resources, all of the Azure PowerShell modules are on path to be
supported on PowerShell Core 6 currently in preview.
Consistent Tool Availability
To ensure the best command-line tools experience while using Azure Cloud Shell, the PowerShell experience will
be switching to a Linux container running PowerShell Core 6. This change will enable a consistent toolset
experience across the PowerShell and Bash experiences in Cloud Shell.
Persistent Tool Settings In addition to saving your modules and scripts to Cloud Drive, persistent settings for available tools, such as Git and SSH, will be automatically saved to your Cloud Drive. This will remove the need for any additional set-up for these tools, as currently needed.
This article helps you use the Change Tracking solution to easily identify changes in your environment. The
solution tracks changes to Windows and Linux software, Windows and Linux files, Windows registry keys,
Windows services, and Linux daemons. Identifying configuration changes can help you pinpoint operational
issues.
Changes to installed software, Windows services, Windows registry and files, and Linux daemons on themonitored servers are sent to the Log Analytics service in the cloud for processing. Logic is applied to the
received data and the cloud service records the data. By using the information on the Change Tracking
dashboard, you can easily see the changes that were made in your server infrastructure.
Enable Change Tracking and Inventory
To begin tracking changes, you need to enable the Change Tracking and Inventory solution for your Automation
Account.

In the Azure portal, navigate to your Automation AccountSelect Change Tracking under CONFIGURATION.Select
an existing Log analytics workspace or Create New Workspaceand click Enable.
This enables the solution for your automation account. The solution can take up to 15 minutes to enable. The
blue banner notifies you when the solution is enabled. Navigate back to the Change Tracking page to manage
the solution.
Configuring Change Tracking and Inventory
To learn how to onboard computers to the solution visit: Onboarding Automation solutions. Once you have a
machine onboarding with the Change Tracking and Inventory solution you can configure the items to track.
When you enable a new file or registry key to track, it is enabled for both Change Tracking and Inventory.
For tracking changes in files on both Windows and Linux, MD5 hashes of the files are used. Theses hashes are
then used to detect if a change has been made since the last inventory.
Configure Linux files to track
Use the following steps to configure file tracking on Linux computers:
In your Automation Account, select Change tracking under CONFIGURATION MANAGEMENT. Click Edit
Settings (the gear symbol).On the Change Tracking page, select Linux Files, then click + Add to add a new file to
track.On the Add Linux File for Change Tracking, enter the information for the file or directory to track and
click Save.
PropertyDescriptionEnabledDetermines if the setting is applied.Item NameFriendly name of the file to be
tracked.GroupA group name for logically grouping files.Enter PathThe path to check for the file. For example:
“/etc/*.conf”PathType, Type of item to be tracked, possible values are File and Directory.RecursionDetermines if
recursion is used when looking for the item to be tracked.Use SudoThis setting determines if sudo is used whenchecking for the item.Links this setting determines how symbolic links dealt with when traversing directories.
Ignore – Ignores symbolic links and does not include the files/directories referenced.
Follow – Follows the symbolic links during recursion and also includes the files/directories referenced.
Manage – Follows the symbolic links and allows altering of returned content.

Configure Windows files to track Use the following steps to configure files tracking on Windows computers:
In your Automation Account, select Change tracking under CONFIGURATION MANAGEMENT. Click Edit
Settings (the gear symbol).On the Change Tracking page, select Windows Files, then click + Add to add a new file
to track.On the Add Windows File for Change Tracking, enter the information for the file to track and click Save.
PropertyDescriptionEnabledDetermines if the setting is applied.Item NameFriendly name of the file to be
tracked.GroupA group name for logically grouping files.Enter Path is the path to check for the file for example:
“c:\temp\myfile.txt”
Configure Windows registry keys to track
Use the following steps to configure registry key tracking on Windows computers: In your Automation Account, select Change tracking under CONFIGURATION MANAGEMENT. Click Edit Settings (the gear symbol).On the Change Tracking page, select Windows Registry, then click + Add to add a new registry key to track.On the Add Windows Registry for Change Tracking, enter the information for the key to track and click Save.

PropertyDescriptionEnabled determines if the setting is applied.Item NameFriendly name of the file to be
tracked.GroupA group name for logically grouping files.Windows Registry Key the path to check for the file. For
example: “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell
Folders\Common Startup”
Limitations
The Change Tracking solution does not currently support the following items:
Folders (directories) for Windows file tracking recursion for Windows file tracking Wild cards for Windows file
Tracking recursion for Windows registry trackingPath variables network file systemsFile Content
Other limitations:
The Max File Size column and values are unused in the current implementation.If you collect more than 2500
files in the 30-minute collection cycle, solution performance might be degraded.When network traffic is high,
change records may take up to six hours to display.If you modify the configuration while a computer is shut
down, the computer might post changes that belonged to the previous configuration.

Known Issues The Change Tracking solution is currently experiencing the following issues:
Hotfix updates are not collected for Windows 10 Creators Update and Windows Server 2016 Core RS3 machines.

Use Change Tracking
After the solution is enabled, you can view the summary of changes for your monitored computers by
selecting Change Tracking number CONFIGURATION MANAGEMENT in your Automation account.
You can view changes to your computers and then drill-into details for each event. Drop downs are available at
the top of the chart to limit the chart and detailed information based on change type and time ranges. You can
also click and drag on the chart to select a custom time range.
Clicking on a change or event brings up the detailed information about that change. As you can see from the
example, the startup type of the service was changed from Manual to Auto.

Search logs
In addition to the details that are provided in the portal, searches can be done against the logs. With the Change
Tracking page open, click Log Analytics, this opens the Log Search page.

IaaS Services
Microsoft Azure Stack has many IaaS features and functionalities such as: deployment of various sized VMs,
Linux and Windows Containers, Virtual Networking, VPN Gateways, various forms of storage and Key Vault for
secure protection of application keys and secrets.

Compute
Various size VMs, VM template gallery, VM Monitoring, VM Image Gallery, VM DepotScale up/down, existing VMsApplication based VM templates, creation of customized templates, Resource groups, Guest OS diagnostics andMonitoringSelf-Service PortalService, Management APILinux and Windows Server Containers

Storage
Blob Storage, Premium StorageQueues

Networking
Virtual Networking – FirewallVirtual Networking – NATVirtual Networking – Site-to-Site VPNVirtual Networking –
Manage virtual networks and subnetsLoad Balancing
Security & Management
PortalKey VaultStore/Marketplace

“All Your Company Information Technology Needs Under One Company”
3355 Lenox Road Atlanta, GA 30326
www.itgurusatl.com| customerservice@itgurusatl.com|
(888) 511-0143 OR (706) 406-5914

“As a registered SAM.gov company, we service government entities across the entire US and Canada”
“LIKE” us on Facebook at: www.facebook.com/itgurusatl / “FOLLOW US” on Twitter: www.twitter.com/itgurusatl / “CONNECT” with us on LinkedIn: www.linkedin.com/in/itgurusofatlanta/

SUBSCRIBE TO OUR NEWSFEED AND UPDATES AT: http://eepurl.com/cU_t7r

Leave a Reply

Your email address will not be published. Required fields are marked *