Google’s Anthos multi-cloud platform gets improved logging, Windows container support and more

Google today announced a sizable update to its Anthos multi-cloud platform that lets you build, deploy and manage containerized applications anywhere, including on Amazon’s AWS and (in preview) and Microsoft Azure.

Version 1.7 includes new features like improved metrics and logging for Anthos on AWS, a new Connect gateway to interact with any cluster right from Google Cloud and a preview of Google’s managed control plane for Anthos Service Mesh. Other new features include Windows container support for environments that use VMware’s vSphere platform and new tools for developers to make it easier for them to deploy their applications to any Anthos cluster.

Today’s update comes almost exactly two years after Google CEO Sundar Pichai originally announced Anthos at its Cloud Next event in 2019 (before that, Google called this project the ‘Google Cloud Services Platform,’ which launched three years ago). Hybrid- and multi-cloud, it’s fair to say, takes a key role in the Google Cloud roadmap — and maybe more so for Google than for any of its competitors. And recently, Google brought on industry veteran Jeff Reed to become the VP of Product Management in charge of Anthos.

Reed told me that he believes that there are a lot of factors right now that are putting Anthos in a good position. “The wind is at our back. We bet on Kubernetes, bet on containers — those were good decisions,” he said. Increasingly, customers are also now scaling out their use of Kubernetes and have to figure out how to best scale out their clusters and deploy them in different environments — and to do so, they need a consistent platform across these environments. He also noted that when it comes to bringing on new Anthos customers, it’s really those factors that determine whether a company will look into Anthos or not.

He acknowledged that there are other players in this market, but he argues that Google Cloud’s take on this is also quite different. “I think we’re pretty unique in the sense that we’re from the cloud, cloud-native is our core approach,” he said. “A lot of what we talk about in [Anthos] 1.7 is about how we leverage the power of the cloud and use what we call ‘an anchor in the cloud’ to make your life much easier. We’re more like a cloud vendor there, but because we support on-prem, we see some of those other folks.” Those other folks being IBM/Red Hat’s OpenShift and VMware’s Tanzu, for example. 

The addition of support for Windows containers in vSphere environments also points to the fact that a lot of Anthos customers are classical enterprises that are trying to modernize their infrastructure, yet still rely on a lot of legacy applications that they are now trying to bring to the cloud.

Looking ahead, one thing we’ll likely see is more integrations with a wider range of Google Cloud products into Anthos. And indeed, as Reed noted, inside of Google Cloud, more teams are now building their products on top of Anthos themselves. In turn, that then makes it easier to bring those services to an Anthos-managed environment anywhere. One of the first of these internal services that run on top of Anthos is Apigee. “Your Apigee deployment essentially has Anthos underneath the covers. So Apigee gets all the benefits of a container environment, scalability and all those pieces — and we’ve made it really simple for that whole environment to run kind of as a stack,” he said.

I guess we can expect to hear more about this in the near future — or at Google Cloud Next 2021.

 


By Frederic Lardinois

Microsoft brings new robotic process automation features to its Power Platform

Earlier this year, Microsoft acquired Softomotive, a player in the low-code robotic process automation space with a focus on Windows. Today, at its Ignite conference, the company is launching Power Automate Desktop, a new application based on Softomotive’s technology that lets anyone automate desktop workflows without needing to program.

“The big idea of Power Platform is that we want to go make it so development is accessible to everybody,” Charles Lamanna, Microsoft’s corporate VP for its low-code platform, told me. “And development includes understanding and reporting on your data with Power BI, building web and mobile applications with Power Apps, automating your tasks — whether it’s through robotic process automation or workflow automation — with Power Automate, or building chatbots and chat-based experiences with Power Virtual Agent.”

Power Automate already allowed users to connect web-based applications, similar to Zapier and IFTTT, but the company also launched a browser extension late last year to help users connect native system components to Power Automate. Now, with the integration of the Softomotive technology and the launch of this new low-code Windows application, it’s taking this integration into the native Windows user interface one step further.

“Everything still runs in the cloud and still connects to the cloud, but you now have a rich desktop application to author and record your UI automations,” Lamanna explained. He likened it to an “ultimate connector,” noting that the “ultimate API is just the UI.”

He also stressed that the new app feels like any other modern Office app, like Outlook (which is getting a new Mac version today, by the way) or Word. And like the modern versions of those apps, Power Automate Desktop derives a lot of its power from being connected to the cloud.

It’s also worth noting that Power Automate isn’t just a platform for automating simple two or three-step processes (like sending you a text message when your boss emails you), but also for multistep, business-critical workflows. T-Mobile, for example, is using the platform to automate some of the integration processes between its systems and Sprint.

Lamanna noted that for some large enterprises, adopting these kinds of low-code services necessitates a bit of a culture shift. IT still needs to have some insights into how these tools are used, after all, to ensure that data is kept safe, for example.

Another new feature the company announced today is an integration between the Power Platform and GitHub, which is now in public preview. The idea here is to give developers the ability to create their own software lifecycle workflows. “One of the core ideas of Power Platform is that it’s low code,” Lamanna said. “So it’s built first for business users, business analysts, not the classical developers. But pro devs are welcome. The saying I have is: we’re throwing a party for business users, but pro devs are also invited to the party.” But to get them onto the platform, the team wants to meet them where they are and let them use the tools they already use — and that’s GitHub (and Visual Studio and Visual Studio Code).


By Frederic Lardinois

Mirantis releases its first major update to Docker Enterprise

In a surprise move, Mirantis acquired Docker’s Enterprise platform business at the end of last year and while Docker itself is refocusing on developers, Mirantis kept the Docker Enterprise name and product. Today, Mirantis is rolling out its first major update to Docker Enterprise with the release of version 3.1.

For the most part, these updates are in line with what’s been happening in the container ecosystem in recent months. There’s support for Kubernetes 1.17 and improved support for Kubernetes on Windows (something the Kubernetes community has worked on quite a bit in the last year or so). Also new is Nvidia GPU integration in Docker Enterprise through a pre-installed device plugin, as well as support for Istio Ingress for Kubernetes and a new command-line tool for deploying clusters with the Docker Engine.

In addition to the product updates, Mirantis is also launching three new support options for its customers that now give them the option to get 24×7 support for all support cases, for example, as well as enhanced SLAs for remote managed operations, designated customer success managers and proactive monitoring and alerting. With this, Mirantis is clearly building on its experience as a managed service provider.

What’s maybe more interesting, though, is how this acquisition is playing out at Mirantis itself. Mirantis, after all, went through its fair share of ups and downs in recent years, from high-flying OpenStack platform to layoffs and everything in between.

“Why we do this in the first place and why at some point I absolutely felt that I wanted to do this is because I felt that this would be a more compelling and interesting company to build, despite maybe some of the short-term challenges along the way, and that very much turned out to be true. It’s been fantastic,” Mirantis CEO and co-founder Adrian Ionel told me. “What we’ve seen since the acquisition, first of all, is that the customer base has been dramatically more loyal than people had thought, including ourselves.”

Ionel admitted that he thought some users would defect because this is obviously a major change, at least from the customer’s point of view. “Of course we have done everything possible to have something for them that’s really compelling and we put out the new roadmap right away in December after the acquisition — and people bought into it at very large scale,” he said. With that, Mirantis retained more than 90 percent of the customer base and the vast majority of all of Docker Enterprise’s largest users.

Ionel, who almost seemed a bit surprised by this, noted that this helped the company to turn in two “fantastic” quarters and was profitable in the last quarter, despite the COVID-19.

“We wanted to go into this acquisition with a sober assessment of risks because we wanted to make it work, we wanted to make it successful because we were well aware that a lot of acquisitions fail,” he explained. “We didn’t want to go into it with a hyper-optimistic approach in any way — and we didn’t — and maybe that’s one of the reasons why we are positively surprised.”

He argues that the reason for the current success is that enterprises are doubling down on their container journeys and because they actually love the Docker Enterprise platform, like infrastructure independence, its developer focus, security features and ease of use. One thing many large customers asked for was better support for multi-cluster management at scale, which today’s update delivers.

“Where we stand today, we have one product development team. We have one product roadmap. We are shipping a very big new release of Docker Enterprise. […] The field has been completely unified and operates as one salesforce, with record results. So things have been extremely busy, but good and exciting.”


By Frederic Lardinois

Gremlin brings chaos engineering to Windows platform

Chaos engineering is about helping companies set up worst case scenarios and testing them to see what causes the operating system to fall over, but up until now, it has mostly been for teams running Linux servers. Gremlin, the startup that offers Chaos Engineering as a Service released a new tool to give engineers working on Microsoft Windows systems access to a similar set of experiments.

Gremlin co-founder and CEO Kolton Andrus says that the 4-year old company started with LInux support, then moved to Docker containers and Kubernetes, but there has been significant demand for Windows support, and the company decided it was time to build this into the platform too.

“The same types of failure can occur, but it happens in different ways on different operating systems. And people need to be able to respond to that. So it’s been the blind spot, and we [decided to] prioritize the types of experiments that people [running Windows] need the most,” he said.

He added, “What we’re launching here is that core set of capabilities for customers so they can go out and get started right away.”

To that end, the Gremlin Windows agent lets engineers run experiments on shutdown, CPU, disk, I/O, memory and latency attacks. It’s worth noting that a third of the world’s servers still run on Windows, and having this ability to test these systems in this way has been mostly confined to  companies who could afford to build their own systems in-house.

What Gremlin is doing for Windows is what it has done for the other supported systems. It’s enabling any company to take advantage of chaos engineering tools to help prevent system failure. During the pandemic, as some systems have become flooded with traffic, having this ability to experiment with different worst-case scenarios and figuring out what brings your system to its knees is more important than ever.

The Gremlin Windows agent not only gives the company a wider range of operating system support, it also broadens its revenue base, which is also increasingly important at a time of economic uncertainty.

The company, which is based in the San Francisco area was founded in 2016 and has raised over $26 million, according to Crunchbase data. The company raised the bulk of that, $18 million in 2018.


By Ron Miller

Microsoft makes it easier to get started with Windows Virtual Desktops

Microsoft today announced a slew of updates to various parts of its Microsoft 365 ecosystem. A lot of these aren’t all that exciting (though that obviously depends on your level of enthusiasm for products like Microsoft Endpoint Manager), but the overall thrust behind this update is to make life easier for the IT admins that help provision and manage corporate Windows — and Mac — machines, something that’s even more important right now, given how many companies are trying to quickly adapt to this new work-from-home environment.

For them, the highlight of today’s set of announcements is surely an update to Windows Virtual Desktop, Microsoft’s service for giving employees access to a virtualized desktop environment on Azure and that allows IT departments to host multiple Windows 10 sessions on the same hardware. The company is launching a completely new management experience for this service that makes getting started significantly easier for admins.

Ahead of today’s announcement, Brad Anderson, Microsoft’s corporate VP for Microsoft 365, told me that it took a considerable amount of Azure expertise to get started with this service. With this update, you still need to know a bit about Azure, but the overall process of getting started is now significantly easier. And that, Anderson noted, is now more important than ever.

“Some organizations are telling me that they’re using on-prem [Virtual Desktop Infrastructure]. They had to go do work to basically free up capacity. In some cases, that means doing away with disaster recovery for some of their services in order to get the capacity,” Anderson said. “In some cases, I hear leaders say it’s going to take until the middle or the end of May to get the additional capacity to spin up the VDI sessions that are needed. In today’s world, that’s just unacceptable. Given what the cloud can do, people need to have the ability to spin up and spin down on demand. And that’s the unique thing that a Windows Virtual Desktop does relative to traditional VDI.”

Anderson also believes that remote work will remain much more common once things go back to normal — whenever that happens and whatever that will look like. “I think the usage of virtualization where you are virtualizing running an app in a data center in the cloud and then virtualizing it down will grow. This will introduce a secular trend and growth of cloud-based VDI,” he said.

In addition to making the management experience easier, Microsoft is now also making it possible to use Microsoft Teams for video meetings in these virtual desktop environments, using a feature called ‘A/V redirection’ that allows users to connect their local audio and video hardware and virtual machines with low latency. It’ll take another month or so for this feature to roll out, though.

Also new is the ability to keep service metadata about Windows Virtual Desktop usage within a certain Azure region for compliance and regulatory reasons.

For those of you interested in Microsoft Endpoint Manager, the big news here is better support for macOS-based machines. Using the new Intune MDM agent for macOS, admins can use the same tool for managing repetitive tasks on Windows 10 and macOS.

Productivity Score — a product only an enterprise manager would love — is also getting an update. You can now see how people in an organization are reading, authoring and collaborating around content in OneDrive and SharePoint, for example. And if they aren’t, you can write a memo and tell them they should collaborate more.

There are also new dashboards here for looking at how employees work across devices and how they communicate. It’s worth noting that this is aggregate data and not another way for corporate to look at what individual employees are doing.

The one feature here that does actually seem really useful, especially given the current situation, is a new Network Connectivity category that helps IT to figure out where there are networking challenges.


By Frederic Lardinois

Microsoft’s Cortana drops consumer skills as it refocuses on business users

With the next version of Windows 10, coming this spring, Microsoft’s Cortana digital assistant will lose a number of consumer skills around music and connected homes, as well as some third-party skills. That’s very much in line with Microsoft’s new focus for Cortana, but it may still come as a surprise to the dozens of loyal Cortana fans.

Microsoft is also turning off Cortana support in its Microsoft Launcher on Android by the end of April and on older versions of Windows that have reached their end-of-service date, which usually comes about 36 months after the original release.

cortana

As the company explained last year, it now mostly thinks of Cortana as a service for business users. The new Cortana is all about productivity, with deep integrations into Microsoft’s suite of Office tools, for example. In this context, consumer services are only a distraction, and Microsoft is leaving that market to the likes of Amazon and Google .

Because the new Cortana experience is all about Microsoft 365, the subscription service that includes access to the Office tools, email, online storage and more, it doesn’t come as a surprise that the assistant’s new feature will give you access to data from these tools, including your calendar, Microsoft To Do notes and more.

And while some consumer features are going away, Microsoft stresses that Cortana will still be able to tell you a joke, set alarms and timers, and give you answers from Bing.

For now, all of this only applies to English-speaking users in the U.S. Outside of the U.S., most of the productivity features will launch in the future.


By Frederic Lardinois

The 7 most important announcements from Microsoft Ignite

It’s Microsoft Ignite this week, the company’s premier event for IT professionals and decision-makers. But it’s not just about new tools for role-based access. Ignite is also very much a forward-looking conference that keeps the changing role of IT in mind. And while there isn’t a lot of consumer news at the event, the company does tend to make a few announcements for developers, as well.

This year’s Ignite was especially news-heavy. Ahead of the event, the company provided journalists and analysts with an 87-page document that lists all of the news items. If I counted correctly, there were about 175 separate announcements. Here are the top seven you really need to know about.

Azure Arc: you can now use Azure to manage resources anywhere, including on AWS and Google Cloud

What was announced: Microsoft was among the first of the big cloud vendors to bet big on hybrid deployments. With Arc, the company is taking this a step further. It will let enterprises use Azure to manage their resources across clouds — including those of competitors like AWS and Google Cloud. It’ll work for Windows and Linux Servers, as well as Kubernetes clusters, and also allows users to take some limited Azure data services with them to these platforms.

Why it matters: With Azure Stack, Microsoft already allowed businesses to bring many of Azure’s capabilities into their own data centers. But because it’s basically a local version of Azure, it only worked on a limited set of hardware. Arc doesn’t bring all of the Azure Services, but it gives enterprises a single platform to manage all of their resources across the large clouds and their own data centers. Virtually every major enterprise uses multiple clouds. Managing those environments is hard. So if that’s the case, Microsoft is essentially saying, let’s give them a tool to do so — and keep them in the Azure ecosystem. In many ways, that’s similar to Google’s Anthos, yet with an obvious Microsoft flavor, less reliance on Kubernetes and without the managed services piece.

Microsoft launches Project Cortex, a knowledge network for your company

What was announced: Project Cortex creates a knowledge network for your company. It uses machine learning to analyze all of the documents and contracts in your various repositories — including those of third-party partners — and then surfaces them in Microsoft apps like Outlook, Teams and its Office apps when appropriate. It’s the company’s first new commercial service since the launch of Teams.

Why it matters: Enterprises these days generate tons of documents and data, but it’s often spread across numerous repositories and is hard to find. With this new knowledge network, the company aims to surface this information proactively, but it also looks at who the people are who work on them and tries to help you find the subject matter experts when you’re working on a document about a given subject, for example.

00000IMG 00000 BURST20180924124819267 COVER 1

Microsoft launched Endpoint Manager to modernize device management

What was announced: Microsoft is combining its ConfigMgr and Intune services that allow enterprises to manage the PCs, laptops, phones and tablets they issue to their employees under the Endpoint Manager brand. With that, it’s also launching a number of tools and recommendations to help companies modernize their deployment strategies. ConfigMgr users will now also get a license to Intune to allow them to move to cloud-based management.

Why it matters: In this world of BYOD, where every employee uses multiple devices, as well as constant attacks against employee machines, effectively managing these devices has become challenging for most IT departments. They often use a mix of different tools (ConfigMgr for PCs, for example, and Intune for cloud-based management of phones). Now, they can get a single view of their deployments with the Endpoint Manager, which Microsoft CEO Satya Nadella described as one of the most important announcements of the event, and ConfigMgr users will get an easy path to move to cloud-based device management thanks to the Intune license they now have access to.

Microsoft’s Chromium-based Edge browser gets new privacy features, will be generally available January 15

What was announced: Microsoft’s Chromium-based version of Edge will be generally available on January 15. The release candidate is available now. That’s the culmination of a lot of work from the Edge team, and, with today’s release, the company is also adding a number of new privacy features to Edge that, in combination with Bing, offers some capabilities that some of Microsoft’s rivals can’t yet match, thanks to its newly enhanced InPrivate browsing mode.

Why it matters: Browsers are interesting again. After years of focusing on speed, the new focus is now privacy, and that’s giving Microsoft a chance to gain users back from Chrome (though maybe not Firefox). At Ignite, Microsoft also stressed that Edge’s business users will get to benefit from a deep integration with its updated Bing engine, which can now surface business documents, too.

hero.44d446c9

You can now try Microsoft’s web-based version of Visual Studio

What was announced: At Build earlier this year, Microsoft announced that it would soon launch a web-based version of its Visual Studio development environment, based on the work it did on the free Visual Studio Code editor. This experience, with deep integrations into the Microsoft-owned GitHub, is now live in a preview.

Why it matters: Microsoft has long said that it wants to meet developers where they are. While Visual Studio Online isn’t likely to replace the desktop-based IDE for most developers, it’s an easy way for them to make quick changes to code that lives in GitHub, for example, without having to set up their IDE locally. As long as they have a browser, developers will be able to get their work done..

Microsoft launches Power Virtual Agents, its no-code bot builder

What was announced: Power Virtual Agents is Microsoft’s new no-code/low-code tool for building chatbots. It leverages a lot of Azure’s machine learning smarts to let you create a chatbot with the help of a visual interface. In case you outgrow that and want to get to the actual code, you can always do so, too.

Why it matters: Chatbots aren’t exactly at the top of the hype cycle, but they do have lots of legitimate uses. Microsoft argues that a lot of early efforts were hampered by the fact that the developers were far removed from the user. With a visual too, though, anybody can come in and build a chatbot — and a lot of those builders will have a far better understanding of what their users are looking for than a developer who is far removed from that business group.

Cortana wants to be your personal executive assistant and read your emails to you, too

What was announced: Cortana lives — and it now also has a male voice. But more importantly, Microsoft launched a few new focused Cortana-based experiences that show how the company is focusing on its voice assistant as a tool for productivity. In Outlook on iOS (with Android coming later), Cortana can now read you a summary of what’s in your inbox — and you can have a chat with it to flag emails, delete them or dictate answers. Cortana can now also send you a daily summary of your calendar appointments, important emails that need answers and suggest focus time for you to get actual work done that’s not email.

Why it matters: In this world of competing assistants, Microsoft is very much betting on productivity. Cortana didn’t work out as a consumer product, but the company believes there is a large (and lucrative) niche for an assistant that helps you get work done. Because Microsoft doesn’t have a lot of consumer data, but does have lots of data about your work, that’s probably a smart move.

GettyImages 482028705 1

SAN FRANCISCO, CA – APRIL 02: Microsoft CEO Satya Nadella walks in front of the new Cortana logo as he delivers a keynote address during the 2014 Microsoft Build developer conference on April 2, 2014 in San Francisco, California (Photo by Justin Sullivan/Getty Images)

Bonus: Microsoft agrees with you and thinks meetings are broken — and often it’s the broken meeting room that makes meetings even harder. To battle this, the company today launched Managed Meeting Rooms, which for $50 per room/month lets you delegate to Microsoft the monitoring and management of the technical infrastructure of your meeting rooms.


By Frederic Lardinois

Microsoft’s Chromium-based Edge browser gets new privacy features, will be generally available January 15

Microsoft today announced that its Chromium-based Edge browser will be generally available on January 15 and that the release candidate for Windows and macOS is now available for download (and that it features a new icon).

The development of the new Edge has progressed pretty rapidly and the latest build has been very stable, even as Microsoft started building more differentiated features like Collections into its more experimental builds.

With today’s release, Microsoft also is announcing new privacy features. The marquee feature here is probably the new InPrivate browsing mode that now, in combination with Bing, will keep your online searches and identities private. InPrivate, as the name implies, already deleted any information about your browsing session on your local machine when you closed the window. But now, when you search with Bing, Microsoft’s search engine you’ve probably forgotten about, your search history on Bing and any personally identifiable data will also not be saved or associated back to you.

By default, Edge will also now enable tracking prevention. “One of the things that’s hard on the web is how to balance the desire for privacy and the protection of your data — and yet you still want the web to be personalized,” said Yusuf Mehdi, the corporate vice president of Microsoft’s Modern Life, Search and Devices Group, in a pre-recorded briefing ahead of today’s announcement. “The problem today is, nobody has really nailed it. You’ve got some good companies doing some really innovative work to try and have super-strict privacy controls. The problem is, they break the web. And then you’ve got other ones who say, ‘hey, don’t worry about it, we’re just going to make it all work for you.’ But in the background, your data is getting tracked.” Mehdi, of course, thinks that Microsoft’s approach is the better one here — and more balanced.


By Frederic Lardinois

Microsoft’s Windows Virtual Desktop service is now generally available

Microsoft today announced that Windows Virtual Desktop (WVD), its Azure-based system for virtualizing the Windows and Office user experience it announced last September, is now generally available. Using WVD, enterprises can give their employees access to virtualized applications and remote desktops, including the ability to provide multi-session Windows 10 experiences, something that sets Microsoft’s own apart from that of other vendors who offer virtualized Windows desktops and applications.

In addition to making the service generally available, Microsoft is also rolling it out globally, whereas the preview was U.S.-only and the original plan was to slowly roll it out globally. As Scott Manchester, the principal engineering lead for WVD, also told me that over 20,000 companies signed up for the preview. He also noted that Microsoft Teams is getting enhanced support in WVD with a significantly improved video conferencing experience.

Shortly after announcing the preview of WVD, Microsoft acquired a company called FSLogix, which specialized in provisioning the same kind of virtualized Windows environments that Microsoft offers through WVD. As Microsoft’s corporate VP for Microsoft 365 told me ahead of today’s announcement, the company took a lot of the know-how from FSLogix to ensure that the user experience on WVD is as smooth as possible.

Andreson noted that just as enterprises are getting more comfortable with moving some of their infrastructure to the cloud (and have others worry about managing it), there is now also growing demand from organizations that want this same experience for their desktop experiences. “They look at the cloud as a way of saying, ‘listen, let the experts manage the infrastructure. They can optimize it; they can fine-tune it; they can make sure that it’s all done right.’ And then I’ll just have a first-party service — in this case Microsoft — that I can leverage to simplify my life and enable me to spin up and down capacity on demand,” Anderson said. He also noted, though, that making sure that these services are always available is maybe even more critical than for other workloads that have moved to the cloud. If your desktop stops working, you can’t get much done, after all.

Anderson also stressed that if a customer wants a multi-session Windows 10 environment in the cloud, WVD is the only way to go because that is the only way to get a license to do so. “We’ve built the operating system, we built the public cloud, so that combination is going to be unique and this gives us the ability to make sure that that Windows 10 experience is the absolute best on top of that public cloud,” he noted.

He also stressed that the FSLogix acquisition enabled his team to work with the Office team to optimize the user experience there. Thanks to this, when you spin up a new virtualized version of Outlook, for example, it’ll just take a second or two to load instead of almost a minute.

A number of companies are also still looking to upgrade their old Windows 7 deployments. Microsoft will stop providing free security patches for them very soon, but on WVD, these users will still be able to get access to virtualized Windows 7 desktops with free extended security updates until January 2023.  Anderson does not believe that this will be a major driver for WVD adoption, but he does see “pockets of customers who are working on their transition.”

Enterprises can access Windows 10 Enterprise and Windows 7 Enterprise on WVD at no additional licensing cost (though, of course, the Azure resources they consume will cost them) if they have an eligible Windows 10 Enterprise or Microsoft 365 license.

 


By Frederic Lardinois

Windows 10 now runs on over 900M devices

So you thought there were 800 million Windows 10 Devices that will get Microsoft’s most recent out-of-band emergency patch? Think again. As the company announced on Twitter today, Windows 10 now runs on over 900M devices.

That’s a bit of bad timing, but current security issues aside, the momentum for Windows 10 clearly remains steady. Last September, Microsoft said Windows 10 was running on 700 million devices and by March of this year, that number had gone up to 800 million. That number includes standard Windows 10 desktops and laptops, as well as the Xbox and niche devices like the Surface Hub and Microsoft’s HoloLens.

As Yusuf Mehdi, Microsoft’s Corporate Vice President of its ‘Modern Life, Search and Devices’ group, also noted, the company added more Windows 10 devices in the last twelve months than ever before.

Come January 2020, Windows 7 is hitting the end of its (supported) life, which is likely pushing at least some users to move over to a more modern (and supported) operating system.

While those numbers for Windows 10 are clearly ticking up, Microsoft itself famously thought that Windows 10 would get to 1 billion devices by the middle of 2018. At this rate, Windows 10 will likely hit 1 billion sometime in 2020.


By Frederic Lardinois

Microsoft Azure now lets you have a server all to yourself

Microsoft today announced the preview launch of Azure Dedicated Host, a new cloud service that will allow you to run your virtual machines on single-tenant physical services. That means you’re not sharing any resources on that server with anybody else and you’ll get full control over everything that’s running on that machine.

Previously, Azure already offered isolated Virtual Machine sizes for two very large virtual machine types. Those are still available, but their use cases are comparably limited to these new hosts, which offer far more flexibility.

With this move, Microsoft is following in the footsteps of AWS, which also offers Dedicated Hosts with very similar capabilities. Google Cloud, too, offers what it calls ‘sole-tenant nodes.’

Azure Dedicated Host will support Windows, Linux and SQL Server virtual machines and pricing is per host, independent of the number of virtual machines you end up running on them. You can currently opt for machines with up to 144 physical cores and prices start at $4.039 per hour.

To do this, Microsoft is offering two different processors to power these machines. Type 1 is based on the 2.3 GHz Intel Xeon E5-2673 v4 with up to 3.5 gigahertz of clock speed, while Type 2 features the Intel Xeon® Platinum 8168 with single-core clock speeds of up to 3.7 gigahertz. The available memory ranges from 32GiB to 448GiB. You can find more details here.

As Microsoft notes, these new dedicated hosts can help companies reach their compliance requirements for physical security, data integrity and monitoring. The dedicated hosts still share the same underlying infrastructure as any other host in the Azure data centers, but users have full control over any maintenance window that could impact their servers.

These dedicated hosts can also be grouped into larger host groups in a given Azure region, allowing you to build clusters of your own physical servers inside the Azure data center. Since you’re actually renting a physical machine, any hardware issue on that machine will impact the virtual machines you are running on them, so chances are you’ll want to have multiple dedicated hosts for your failover strategy anyway.

110b3725 54e2 4840 a609 adf18fcbe32f


By Frederic Lardinois

Microsoft brings Plug and Play to IoT

Microsoft today announced that it wants to bring the ease of use of Plug and Play, which today allows you to plug virtually any peripheral into a Windows PC without having to worry about drivers, to IoT devices. Typically, getting an IoT device connected and up and running takes some work, even with modern deployment tools. The promise of IoT Plug and Play is that it will greatly simplify this process and do away with the hardware and software configuration steps that are still needed today.

As Azure corporate vice president Julia White writes in today’s announcement, “one of the biggest challenges in building IoT solutions is to connect millions of IoT devices to the cloud due to heterogeneous nature of devices today – such as different form factors, processing capabilities, operational system, memory and capabilities.” This, Microsoft argues, is holding back IoT adoption.

IoT Plug and Play, on the other hand, offers developers an open modeling language that will allow them to connect these devices to the cloud without having to write any code.

Microsoft can’t do this alone, though, since it needs the support of the hardware and software manufacturers in its IoT ecosystem, too. The company has already signed up a number of partners, including Askey, Brainium, Compal, Kyocera, STMicroelectronics, Thundercomm and VIA Technologies . The company says that dozens of devices are already Plug and Play-ready and potential users can find them in the Azure IoT Device Catalog.


By Frederic Lardinois

Homeland Security warns of security flaws in enterprise VPN apps

Several enterprise virtual private networking apps are vulnerable to a security bug that can allow an attacker to remotely break into a company’s internal network, according to a warning issued by Homeland Security’s cybersecurity division.

An alert was published Friday by the government’s Cybersecurity and Infrastructure Security Agency following a public disclosure by CERT/CC, the vulnerability disclosure center at Carnegie Mellon University.

The VPN apps built by four vendors — Cisco, Palo Alto Networks, Pulse Secure, and F5 Networks — improperly store authentication tokens and session cookies on a user’s computer. These aren’t your traditional consumer VPN apps used to protect your privacy, but enterprise VPN apps that are typically rolled out by a company’s IT staff to allow remote workers to access resources on a company’s network.

The apps generate tokens from a user’s password and stored on their computer to keep the user logged in without having to reenter their password every time. But if stolen, these tokens can allow access to that user’s account without needing their password.

But with access to a user’s computer — such as through malware — an attacker could steal those tokens and use them to gain access to a company’s network with the same level of access as the user. That includes company apps, systems and data.

So far, only Palo Alto Networks has confirmed its GlobalProtect app was vulnerable. The company issued a patch for both its Windows and Mac clients.

Neither Cisco nor Pulse Secure have patched their apps. F5 Networks is said to have known about storing since at least 2013 but advised users to roll out two-factor authentication instead of releasing a patch.

CERT warned that hundreds of other apps could be affected — but more testing was required.


By Zack Whittaker

Cloud Foundry ❤ Kubernetes

Cloud Foundry, the open source platform-as-a-service project that more than half of the Fortune 500 companies use to help them build, test and deploy their applications, launched well before Kubernetes existed. Because of this, the team ended up building Diego, its own container management service. Unsurprisingly, given the popularity of Kubernetes, which has become somewhat of the de facto standard for container orchestration, a number of companies in the Cloud Foundry ecosystem starting looking into how they could use Kubernetes to replace Diego.

The result of this is Project Eirini, which was first proposed by IBM. As the Cloud Foundry Foundation announced today, Project Eirini now passes the core functional tests the team runs to validate the software releases of its application runtime, the core Cloud Foundry service that deploys and manages applications (if that’s a bit confusing, don’t even think about the fact that there’s also a Cloud Foundry Container Runtime, which already uses Kubernetes, but which is mostly meant to give enterprise a single platform for running their own applications and pre-built containers from third-party vendors).

a foundry for clouds“That’s a pretty big milestone,” Cloud Foundry Foundation CTO Chip Childers told me. “The project team now gets to shift to a mode where they’re focused on hardening the solution and making it a bit more production-ready. But at this point, early adopters are also starting to deploy that [new] architecture.”

Childers stressed that while the project was incubated by IBM, which has been a long-time backer of overall Cloud Foundry project, Google, Pivotal and others are now also contributing and have dedicated full-time engineers working on the project. In addition, SUSE, SAP and IBM are also active in developing Eirini.

Eirini started out as an incubation project, and while few doubted that this would be a successful project, there was a bit of confusion around how Cloud Foundry would move forward now that it essentially had two container engines for running its core service. At the time, there was even some concern that the project could fork. “I pushed back at the time and said: no, this is the natural exploration process that open source communities need to go through,” Childers said. “What we’re seeing now is that with Pivotal and Google stepping in, that’s a very clear sign that this is going to be the go-forward architecture for the future of the Cloud Foundry Application Runtime.”

A few months ago, by the way, Kubernetes was still missing a few crucial pieces the Cloud Foundry ecosystem needed to make this move. Childers specifically noted that Windows support — something the project’s enterprise users really need — was still problematic and lacked some important features. In recent releases, though, the Kubernetes team fixed most of these issues and improved its Windows support, rendering those issues moot.

What does all of this mean for Diego? Childers noted that the community isn’t at a point where it’ll hold developing that tool. At some point, though, it seems likely that the community will decide that it’s time to start the transition period and make the move to Kubernetes official.

It’s worth noting that IBM today announced its own preview of Eirini in its Cloud Foundry Enterprise Environment and that the latest version of SUSE’s Cloud Foundry-based Application Platform includes a similar preview as well.

In addition, the Cloud Foundry Foundation, which is hosting its semi-annual developer conference in Philadelphia this week, also announced that it has certified its first to systems integrators, Accenture and HCL, as part of its recently launched certification program for companies that work in the Cloud Foundry ecosystem and have at least ten certified developers on their teams.


By Frederic Lardinois

Microsoft Defender comes to the Mac

Microsoft today announced that it is bringing its Microsoft Defender Advanced Threat Protection (ATP) to the Mac. Previously, this was a Windows solution for protecting the machines of Microsoft 365 subscribers and assets the IT admins that try to keep them safe. It was also previously called Windows Defender ATP, but given that it is now on the Mac, too, Microsoft decided to drop the ‘Windows Defender’ moniker in favor or ‘Microsoft Defender.’

“For us, it’s all about experiences that follow the person and help the individual be more productive,” Jared Spataro, Microsoft’s corporate VP for Office and Windows, told me. “Just like we did with Office back in the day — that was a big move for us to move it off of Windows-only — but it was absolutely the right thing. So that’s where we’re headed.”

He stressed that this means that Microsoft is moving off its “Windows-centric approach to life.” He likened it to bringing the Office apps to the iPad and Android. “We’re just headed in that same direction of saying that it’s our intent that we can secure every endpoint so that this Microsoft 365 experience is not just Windows-centric,” Spataro said. Indeed, he argued that the news here isn’t even so much the launch of this service for the Mac but that Microsoft is reorienting the way it thinks about how it can deliver value for Microsoft 365 clients.

Given that Microsoft Defender is part of the Microsoft 365 package, you may wonder why those users would even care about the Mac, but there are plenty of enterprises that use a mix of Windows machines and Mac, and which provide all of their employees with Office already. Having a security solution that spans both systems can greatly reduce complexity for IT departments — and keeping up with security vulnerabilities on one system is hard enough to begin with.

In addition to the launch of the Mac version of Microsoft Defender ATP, the company also today announced the launch of new threat and vulnerability management capabilities for the service. Over the last few months, Microsoft had already launched a number of new features that help businesses proactively monitor and identify security threats.

“What we’re hearing from customers now, is that the landscape is getting increasingly sophisticated, the volume of alerts that we’re starting to get is pretty overwhelming,” Spataro said. “We really don’t have the budget to hire the thousands of people required to sort through all this and figure out what to do.”

So with this new tool, Microsoft uses its machine learning smarts to prioritize threads and present them to its customers for remediation.

To Spataro, these announcements come down to the fact that Microsoft is slowly morphing into more of a security company than ever before. “I think we’ve made a lot more progress than people realize,” he said. “And it’s been driven by the market.” He noted that its customers have long asked Microsoft to help them protect their endpoints. Now, he argues, customers have realized that Microsoft is now moving to this person-centric approach (instead of a Windows-centric one) and that the company may now be able to help them protect large parts of their systems. At the same time, Microsoft realized that it could use all of the billions of signals it gets from its users to better help its customers proactively.


By Frederic Lardinois