One of the key experiences recommended during any one’s time as an undergraduate is doing an internship. It not only gives a person their first glimpse of corporate life but also is essential to boost an individual’s confidence.

In the third year of my bachelor’s, we were shortlisted for the internship process when Applied Information Sciences (AIS) decided to visit our University for campus placement. Fortunately, we got selected for the pilot internship batch at AIS.

Applied Information Sciences is a top cloud consulting firm that provides software and systems engineering services to government agencies and commercial enterprises.

The six-week program commenced on June 6th, 2019 and we were assigned our supervisor, Mr. Manish Kumar. The program started with an interactive session with Manish and was followed by a tour of the office.

We were expected to report back to our supervisor at the end of each day with questions and discuss what we had learned. The next day we were assigned our internship project.

We were expected to work on infrastructure as a code and apply our knowledge of cloud computing to solve problems and create ARM templates. We also worked on Terraform and Pulumi. Manish would brief us with a topic that was being worked on and assign us the task to gather information about it; from there we would work on the topic until completion.

The most exciting part of the day was the one-on-one session with Manish where all of us would discuss what we learned that day. This session was important because it gave us a chance to share the information we had gathered with each other as well as clear any questions that came up with Manish.

“This program is amazing. For anyone looking to do work in Cloud computing domain, AIS is the place to do it. I’ve loved every moment of this experience and would do it all over again in a heartbeat. My favorite part would the interactive session we had every day and the freedom that was given to execute our ideas in a creative way”
-Devyanshi Tiwari

Each day brought us a new challenge and we gained an understanding of how to finish a task within a stipulated period of time. Since the very first week, we were treated as regular employees of the company, not just interns. Even during the final evaluation Manish asked us to present our projects as we were demonstrating to a client. Over the six weeks, we developed friendships with our co-workers and got constant feedbacks from Manish. But at the same time, we were always provided us with enough scope to inculcate our ideas in our project in the way we wanted to. We were always given the space to express our ideas and thoughts without any hesitation which is such a vital step to learn and grow.

“The best thing about my internship in AIS is that I got a lot of hands-on experience and a chance to work in my area of interest”
-Souradeep Banerjee

Our six weeks at AIS not only allowed us to grow personally but also helped us to gain new skills and information in cloud computing and Microsoft Azure. Also, we gained a better understanding of the industry and met industry veterans.

Most importantly the program gave us a new sense of professionalism, the importance of working in a team, and a clearer view of what it meant to be in the professional world and what shoes we are expected to fill in the near future.

“This internship not only enhanced my technical skills but also brought great improvement in my communication and idea-sharing skills”
-Riya Agrahari

We would advise everyone to take the opportunity and do an internship. There is much to gain from it on both a professional and personal level.

WORK WITH THE BRIGHTEST LEADERS IN SOFTWARE DEVELOPMENT

Last week, AIS was invited to speak to at DIR one day conference for public sector IT leaders with the theme Journey to the Cloud: How to Get There.

AIS’ session was titled Improve Software Velocity and Portability with Cloud Native Development. As we know, with a significant increase in the adoption of containers, cloud-native development is emerging as an important trend with customers who are looking to build new applications or lift and reshape existing applications in the cloud.

In this session, we discussed the key attributes of the cloud-native approach and how it improves modularity, elasticity, robustness, and – at the same time – helps avoid cloud vendor lock-in.

Cloud-Native Attributes

  • Declarative formats to setup automation
  • Clean contract with the underlying operating system, offering portability
  • Minimize divergence between development and production, enabling continuous deployment
  • Scale-up without significant changes to tooling, architecture, or development practices
  • Containers, service meshes, and microservices
  • Public, private, and hybrid cloud

Multi-Cloud Deployment Demo

To demonstrate cross-cloud portability, we conducted a live demonstration of an application being deployed to the Google Cloud Platform and Microsoft Azure during the session.

Note that the exact same application (binaries and Kubernetes deployment manifests) were used across the two clouds. The only difference between the storage provisioner as shown in the diagram below.

deployment on multi cloud

We thank Texas DIR forum organizers and attendees for a great conference!

Related Resources

For additional information on cloud-native development refer to links below:

If you’re looking for an intelligent cloud-native Security Information and Event Management (SIEM) solution that manages all incidents in one place, Azure Sentinel may be a good fit for you.

Not only does Azure Sentinel provide intelligent security analytics and threat intelligence, but it’s also considered a Security Orchestration and Automation Response (SOAR) solution, meaning it will collect data about security threats and you can automate responses to lower-level security events without the traditionally manual efforts required. You can extend this solution across data sources by integrating Azure Sentinel with enterprise tools, like ServiceNow. There are also services offered at no additional cost, such as User Behavior Analysis (UBA ), Petabyte daily digestion, and Office 365 data ingestion, to make Azure sentinel even more valuable.

First Impression

After opening Azure Sentinel from the Azure portal, you will be presented with the below items:

Azure sentinel first view

Theoretically, Azure Sentinel has four core areas.

Azure Sentinel Four Core Areas

  • Collect – By using connections from multiple vendors or operating systems, Azure Sentinel collects security events and data and keeps them for 31 days by default. This is extendable up to 730 days.
  • Detect – Azure Sentinel has suggested queries, you can find samples, or build your own. Another option is Azure Notebook, which is more interactive and has the potential to use your data science analysis.
  • Investigate – For triaging using the same detection methodology in conjunction with events investigation. Later you will have a case created for the incident.
  • Respond –  Finally, responding can be manual or automated with the help of Azure Sentinel playbooks. Also, you can use graphs, dashboards, or workbooks for presentation.

For a better understanding, the flow in this example of behind the scene is helpful.

Steps in Azure Sentinel

How do I enable Azure Sentinel?

If you already have an Azure Log Analytics Workspace, you are one click away from Azure Sentinel. You need to have contributor RBAC permission on the subscription that has Azure Log Analytics Workspace, which Azure Sentinel will bind itself to it.

Azure Sentinel has some prebuilt dashboards and you are able to share it with your team members.

You can also enable the integration of security data from Security Center > Threat Detection > Enable integration with other Microsoft security services

Azure Sentinel has a variety of built-in connectors that collect data and process it with its artificial intelligence empowered processing engine. Azure Sentinel can relate your events to well-known or unknown anomalies (with the help of ML)!

Below is a sample connection which  offers two out-of-the-box dashboards:

sample connection in Azure Sentinel

All connections have a fair amount of instructions, which usually allows for a fast integration. A sample of an AWS connector can be found here.

Azure Sentinel has thirty out-of-the-box dashboards that make it easy to create an eloquent dashboard, however, built-in dashboards only work if you have configured the related connection.

Built-In Ready to Use Dashboards:

  • AWS Network Activities
  • AWS User Activities
  • Azure Activity
  • Azure AD Audit logs
  • Azure AD Sign-in logs
  • Azure Firewall
  • Azure Information Protection
  • Azure Network Watcher
  • Check Point Software Technologies
  • Cisco
  • CyberArk Privileged Access Security
  • DNS
  • Exchange Online
  • F5 BIG-IP ASM F5
  • FortiGate
  • Identity & Access
  • Insecure Protocols
  • Juniper
  • Linux machines
  • Microsoft Web Application Firewall (WAF)
  • Office 365
  • Palo Alto Networks
  • Palo Alto Networks Threat
  • SharePoint & OneDrive
  • Symantec File Threats
  • Symantec Security
  • Symantec Threats
  • Symantec URL Threats
  • Threat Intelligence
  • VM insights

A Sample Dashboard:

One of the most useful IaaS monitoring services that Azure provides is VMInsights, or Azure Monitor for VMs. Azure Sentinel has a prebuilt VMInsight Dashboard. You can connect your VM to your Azure Log Analytics Workspace, then enable VMInsights from VM > Monitoring > Insights. Make sure the Azure Log Analytics Workspace is the same one that has Azure Sentinel enabled on it.

Sample Dashboard VMInsights or Azure Monitor for VMs

Creating an alert is important. Alerts are the first step for having a case or ‘incidents’. After a case is created based on the alert, then you can do your investigation. For creating an alert, you need to use the KQL language that you probably already used it in Azure Log analytics.

Azure Sentinel has a feature named entity mapping, which lets you relate the query to values like IP address and hostname. These values make the investigation much more meaningful. Instead of going back and forth to multiple queries to relate, you can use entities to make your life easier. At the time of writing this article, Azure Sentinel has four entities; Account, Host, IP address, and Timestamp, which you can bind to your query. You can enable or disable an alert or run it manually as you prefer easily from Configuration > Analytics. Naming might be a little bit confusing since you also need to create your alerts from Analytics.

Azure Sentinel Investigation map of entities becomes public in September 2019 and you no longer need to fill out a form request access.

Let’s Go Hunting

You can use Azure Sentinel built-in hunting queries. You can also directly shoot it down if you know where to find the anomalies by KQL queries and create an alert. Or uses Azure Notebook for AI, ML-based hunting. You can bring your own ML model to Azure Sentinel. Azure Sentinel Notebook is for your tier 4 SOC analysis.

Azure Sentinel built-in hunting query

Azure Sentinel uses MITRE ATT&CK-based queries and introduced eight types of queries, also known as bookmarks, for hunting.

After you become skilled in detection, you can start creating your playbook constructed on logic app workflows. You can also build your automated responses to threads or craft custom actions after an incident has happened. Later you can enable Azure Sentinel Fusion to associate lower fidelity anomalous activities to high fidelity cases.

Azure Sentinel Detection Playbook

A sample playbook:

Azure Sentinel Sample Playbook

Image Source: Microsoft

Azure Notebooks is a Jupyter notebook (interactive computational tool) for facilitating your investigation by using your data science skills. Azure Notebooks support languages and packages from Python 2 and 3 you can also use R and F#.

We all love community-backed solutions. You can share your findings and designs with others and use their insights by using the Azure Sentinel Community on GitHub.

Azure Sentinel Fusion

Fusion helps reduction of noise by preventing alert fatigue. Azure Sentinel Fusion uses this insight here, and you can see how to enable Azure Sentinel Fusion.

Traditionally we assume an attacker follows a static kill chain as the attack path or all information of an attack is present in the logs. Fusion can help here by bringing probabilistic kill chain and to find novel attacks. You can find more information on this topic here. Formerly, you should run a PowerShell command to enable Fusion, but going on Fusion is enabled by default.

What Data Sources Are Supported?

Azure Sentinel has three types of connectors. First, Microsoft services are connected natively and can be configured with a few clicks. Second, is by connecting to external solutions via API. And finally, connecting to external solutions via an agent. These connectors are not limited to below table, and there are some examples of IoT and Azure DevOps that can communicate with Azure Sentinel

Microsoft services External solutions via API External solutions via an agent
Office 365 Barracuda F5
Azure AD audit logs and sign-ins Symantec Check Point
Azure Activity Amazon Web Services Cisco ASA
Azure AD Identity Protection Fortinet
Azure Security Center Palo Alto
Azure Information Protection Common Event Format CEF appliances
Azure Advanced Threat Protection Other Syslog appliances
Cloud App Security DLP solutions
Windows security events Threat intelligence providers
Windows firewall DNS machines
DNS Linux servers
Microsoft web application firewall (WAF) Other clouds

Where Does Azure Sentinel Sit in the Azure Security Picture?

Azure Sentinel in the Azure Security Big Picture

Azure Sentinel can be used before an attack, like Azure Active Directory signings from new locations. During an attack, like malware in the machine or post-attack for investigation about an incident and perform triage with it. Azure Sentinel has a service graph that can show you the related event to an incident.

If you are security titled a person or part of the SOC team and you prefer a cloud-native solution, Azure Sentinel is a good option.

Security Providers or Why Azure Sentinel?

Azure Sentinel uses Microsoft Intelligent Security Graph that is backed by Microsoft Intelligent Security Association. This association consists of almost 60 companies that hand in hand help to find vulnerabilities more efficiently.

Microsoft brings its findings from 3500+ security professionals, 18B+ Bing page scans per month, 470B emails analyzed per month, 1B+ azure account 1.2B devices updated each month, 630B authentications per month, 5B threats blocked per month.

Microsoft Intelligent Security Graph Overview

Image Source: Microsoft

Microsoft has more solutions that create a valuable experience for his Microsoft Graph Security API: Windows antimalware platform, Windows Defender ATP, Azure Active Directory, Azure Information Protection, DMARC reporting for Office 365, Microsoft Cloud App Security, and Microsoft Intune.

Microsoft Intelligent Security Association (MISA)

Microsoft creates vast threat intelligence solutions. Microsoft collaborated with other companies to create a product under the name of Microsoft Intelligent Security Graph API. Microsoft calls the association The Microsoft Intelligent Security Association (MISA), an association that consists of almost 60 companies who share their security insights from trillions of signals.

  • Microsoft products: Azure Active Directory, Azure Information Protection, Windows Defender ATP, Microsoft Intune, Microsoft Graph Security API, Microsoft Cloud App Security, DMARC reporting for Office 365, Windows antimalware platform, Microsoft Azure Sentinel
  • Identity and access management: Axonius, CyberArk, Duo, Entrust Datacard, Feitian, Omada, Ping Identity, Saviynt, Swimlane, Symantec, Trusona, Yubico, Zscaler
  • Information protection: Adobe, Better Mobile, Box, Citrix, Checkpoint, Digital Guardian, Entrust Datacard, EverTrust, Forcepoint, GlobalSign, Imperva, Informatica, Ionic Security, Lookout, Palo Alto Networks, Pradeo, Sectigo, Sophos, Symantec, Wandera, Zimperium, Zscaler
  • Threat protection: AttackIQ, Agari, Anomali, Asavie, Bay Dynamics, Better Mobile, Bitdefender, Citrix, Contrast Security, Corrata, Cymulate, DF Labs, dmarcian, Duo Security, FireEye, Illumio, Lookout, Minerva Labs, Morphisec, Palo Alto Networks, Red Canary, ThreatConnect, SafeBreach, SentinelOne, Swimlane, ValiMail, Wandera, Ziften
  • Security management: Aujas, Barracuda, Carbon Black, Checkpoint, Fortinet, F5, Imperva, Symantec, Verodin

MISA and Security Graph API

MISA is a combined security effort. It continuously monitors cyberthreats and fortifies itself. This enriched knowledge is accessible by Microsoft Intelligent Security Graph API. Azure Sentinel Fusion is the engine that uses graph powered Machine Learning algorithms. Fusion associates activities with patterns of anomalies.

Microsoft Intelligent Security Association (MISA) and Security Graph API

Below you can see the Azure Sentinel Big Picture:

Azure Sentinel Big Picture

I hope you found this blog helpful! As you can see, Azure Sentinel is just a tip of the Microsoft Security ‘iceburg’.

Azure Sentinel Microsoft Security Iceburg

Since Steve Michelotti and I recorded the Migrate & Modernize with Kubernetes on Azure Gov Video on Microsoft’s Channel 9, production-level support for Windows Nodes has been added. So we decided to “upgrade” the Music Store app to take advantage of this capability.

Watch this short six-minute video to understand the changes involved.

In the previous version of this video, we had converted this application to containers in Kubernetes. However, at that time, Windows Nodes for Kubernetes were not available. Since then, Kubernetes 4.14 has come out with support for Windows Nodes. This video walks through the upgrade of this application in moving this application directly into a Windows Node pool in AKS.

This update gives us greater flexibility in migration applications to Kubernetes and hosting them there while keeping the functionality of the application the same.

I hope you find this useful. Thanks!

Rehosting Considerations

What is Rehosting?

Rehosting is an approach to migrating business applications hosted on-premises in data center environments to the cloud by moving the application “as-is,” with little to no changes to the functionality. A common rehosting scenario is the migration of applications that were initially developed for an on-premises environment to take advantage of cloud computing benefits. These benefits may include increased availability, faster networking speeds, reduced technical debt, and a pay-per-use cost structure.

In our experience, rehosting is well suited for organizations under time-sensitive data center evacuation mandates, facing pressure from leadership to migrate, running COTS software that doesn’t support modernization, or those with business-critical applications on end-of-support technologies. These organizations often opt for a rehost then transform strategy, as reviewed in the following blog, Cloud Transformation Can Wait… Get Me to the Cloud Now!

Below we outline important considerations, benefits, and challenges associated with a rehost strategy, based on our real-world experiences moving both custom and packaged commercial on-premises applications to the cloud. We’ll also discuss steps to take when your migration initiative goes beyond rehosting, requiring the assessment of alternative migration approaches, such as re-platforming and refactoring.

Critical Considerations

When moving on-premises business-critical applications to the cloud, there are critical considerations that span technical, operational, and business domains. Below are three key components not to be overlooked when defining your cloud migration strategy:

  • Establishing a shared vision: Ensuring you have set goals and an executive sponsor.
  • Understanding your why: Why are you migrating to the cloud in the first place?
  • Defined business impact: What impact do you expect from your migration efforts and are your goals realistic based on the chosen approach?

Establishing a Shared Vision

Establish a Shared Vision with Stakeholders

The landscape of on-premises systems is often governed by many stakeholders, both business and IT, with competing goals, risk profiles, and expected outcomes from a migration effort. Having a clear vision for your rehost initiative with key roles and responsibilities defined is critical to the timeliness, investment, and overall success of your project. Finding an executive sponsor to unite the various groups, make decisions, and define the business goals and expected outcomes is vital in risk management.

As part of creating this shared vision, the executive sponsor needs to ensure:

  • Goal Alignment: Having a shared vision among various business and IT stakeholders set direction and expectations for the project. A shared vision allows all parties, including vendors and internal resources, to understand the goal(s) and the role they’ll play for the project.
  • Sufficient Budgeting and Resource Allocation: Appropriate budget and resources must be allocated for executing tasks related to this partnership, before the start of the migration effort to ensure timely project completion.
  • Proper Documentation of Existing Systems: Critical information about on-premises systems and operations is often either insufficient or missing entirely. System documentation is mandatory to migrate systems and uphold their intended purpose.
  • Product Ownership: On-premises business application suites are often acquired or internally developed. Original vendors may be out of business, so products are no longer viable. Conversely, the custom product may no longer be supported or understood due to missing source code. An owner needs to be designated to determine the future of the product.
  • Organizational Change Management: Without user adoption, your cloud migration will fail. Change management efforts enable cloud technology adoption and require proper planning and execution from the start.

The considerations outlined above should be discussed up front, and partnerships among stakeholder groups must be established to accomplish the intended goal(s) of migration under executive sponsor leadership.

Understand Your Why

Understand Why You're Moving

You’ve heard the stories about failed cloud migrations. Those stories often start with misaligned expectations and a rushed execution, which are among the top reasons cloud migrations result in a backslide to on-premises environments. Migrating to the cloud isn’t a silver bullet – not every organization will experience cost savings or even immediate functionality improvements from a rehosting project but there are many opportunities for cost avoidance and optimization of spend.

As an IT director or manager, it’s critical to ensure executive-level sponsors understand how different migration approaches align to anticipated outcomes. There’s often pressure from leadership to migrate to the cloud, and understandably with countless cloud benefits and the many challenges associated with aging on-premises solutions. However, understanding and communicating what’s realistic for your organization and how different approaches will address various business goals is crucial.

Data Center Evacuations & Unsupported Technology

Organizations migrating based on a mandated data center evacuation or the security and compliance risks associated with unsupported or end-of-support technology often look to a rehost strategy as a first step. This helps accomplish the business goal of reducing technical debt or remediating compliance concerns quickly.

Reaping the Benefits of Cloud-Native Solutions

There are many other reasons organizations look to the cloud, such as staying competitive, increasing time to value, or the ability to innovate. To fully realize the cloud outcomes that motivate these decisions – including greater flexibility, scalability, data security, built-in disaster recovery options, and improved collaboration – additional planning and refactoring of on-premises applications are often required. In these cases, sometimes we see a rehost as the first stage (as leadership wants to see quick results or has made a public commitment to migrate to the cloud), followed by more advanced modernization efforts.

To get to the root of goals and expectations, consider the following questions as you build your roadmap:

  1. What are your business objectives for cloud adoption, and how will they help further the company vision?
  2. Is there a set timeline to complete the cloud migration effort?
  3. What internal and external resources are available to support a cloud migration?
  4. How many applications are in your portfolio, and do you plan to migrate everything, or are you considering a hybrid model approach?
  5. What are the technical requirements and interdependencies of your applications? How will you assess cloud readiness?
  6. What are the necessary governance, security, and compliance considerations?
  7. Who will be responsible for moving workloads to the new cloud platform? Who will perform the migration, and manage the workloads? Will you be doing it by yourself, or will it be a shared initiative?
  8. How do you intend to use automation to reduce manual efforts and streamline provisioning and governance?

As you answer the questions above, you may find that a rehost effort is sufficient. Likewise, you may choose to explore a lead horse application approach as part of your migration strategy to better understand the value derived from various modernization tactics.

Uncovered Benefits of the Cloud

Uncover Additional Cloud Benefits

If your organization is interested in exploring cloud benefits that go beyond what a rehost effort can provide, migration options that are more involved than rehosting may be worth your consideration. Organizations looking to modernize through re-platforming or refactoring may be motivated by cloud benefits such as:

  • Faster time to market, product release cycles, and/or pace of innovation
  • Enriched customer and end-user experiences
  • Improved employee technology, collaboration, and processes
  • Better reliability and networking speeds
  • Reduced cost of labor and/or maintenance
  • Ability to leverage emerging technology
  • Built-in disaster recovery options
  • Flexibility and scalability
  • Data security
  • Cost allocation for budgeting and showback/chargeback
  • Move from Capex to Opex (or realize Capex by buying resource commitments)

If you are facing tight timelines to migrate, a rehost effort can get you one step closer to realizing the above benefits. Through an initial migration, you can look to a proof of concept to gain a further understanding of the business impact various approaches have to offer while incrementally progressing cloud transformation.

TO LEARN MORE ABOUT THE DIFFERENT APPROACHES TO MIGRATION AND MODERNIZATION, DOWNLOAD OUR FREE WHITEPAPER.

Challenges

While rehosting is a faster, less resource-intensive migration approach and a great first step into the cloud, it comes with challenges and limitations.

The primary limitation of migrating certain on-premises applications to the cloud is the application’s inherent cloud compatibility. Specific applications have internal and external dependencies which limit their ability to take advantage of more advanced cloud benefits once rehosted.

While rehosting allows you to modernize the application environment, resulting in outcomes such as reduced Data Center costs, other cloud benefits aren’t fully realized. Outcomes such as elasticity and the ability to take advantage of cloud-native features are not available with a strictly rehost strategy.

While more cost-effective than on-premises hosting, sometimes it can be more costly to run applications in the cloud when rehosting, versus re-platforming or refactoring without a FinOps strategy to master the unit economics of cloud for competitive advantage. To show fast progress, rehosting is often a great transitional stage for working towards a cost-effective cloud solution, especially for organizations on a tight timeline. During this stage, managing cloud costs and realizing cloud value with a FinOps practice is key.

Feeling Stuck?

Not Sure Where to Start?

If you’re stuck in analysis paralysis, work with a consultant that’s been through various migration projects, from start to finish, and understands the common challenges and complexities of different approaches.

Whether you’re considering Azure, Office 365, Power Platform, or another cloud platform, AIS has a range of Adoption Frameworks and Assessments that can help you understand your options. With our help, create a shared vision, and align business goals to the appropriate migration approaches.

GET YOUR ORGANIZATION ON THE RIGHT TRACK TO CLOUD MIGRATION. CONTACT AIS TODAY TO DISCUSS YOUR OPTIONS.

Foundational Knowledge of CDS

At the core of any low-code development platform, such as the Microsoft Power Platform, is the ability to secure, easily store, and manage data used by business applications. This is where Common Data Service (CDS) comes in. In this course, Introduction to Common Data Service (CDS), you will learn the skills you need to work effectively with CDS.

  • First, you’ll learn about the critical use cases and the high-level architecture of CDS in the context of the overall PowerApps Platform.
  • Next, you’ll explore CDS’ capabilities like entities, relationships, auditing, annotations, REST API, business rules, and workflow.
  • Finally, you’ll learn about the security, governance, and integration aspects of CDS.

When you’re finished with this course, you’ll have a foundational knowledge of CDS to use in your low-code applications. This session is a beginner course, and the total duration is under 2 hours.

LEARN MORE AND REGISTER FOR THIS COURSE TODAY!

Lift n Shift Approach to Cloud Transformation

What does it mean to Rehost an application?

Rehosting is an approach to migrating business applications hosted in on-premises data center environments to the cloud by moving the application “as-is,” with little to no changes to the business functions performed by the application. It’s a faster, less resource-intensive migration approach that gets your apps into the cloud without much code modification. It is often a good first step to cloud transformation.

Organizations with applications that were initially developed for an on-premises environment commonly look to rehosting to take advantage of cloud computing benefits. These benefits may include increased availability and networking speeds, reduced technical debt, and a pay-per-usage cost structure. When defining your cloud migration strategy, it’s essential to analyze all migration approaches, such as re-platforming, refactoring, replacing, and retiring.

CHECK OUT OUR WHITEPAPER & LEARN ABOUT CLOUD-BASED APP MODERNIZATION APPROACHES

Read More…

It can be challenging to maintain a repository after it’s been in use for months, through iterations, and by more and more teams. The online interfaces to team Git repositories – GitHub, Azure Repos, etc. – have several views into the current state of your repo.

  • Who last committed to that branch
  • How old is the branch
  • Quick buttons to delete stale branches

Even with these tools, it may not be easy to identify which branches truly require cleanup. In this article, we’ll explore how to use PowerShell to assist with targeting and operating on Git branches that meet the criteria we establish.

To demonstrate the commands being used, I use PowerShell from within a Jupyter notebook by running a container authored by GitHub user @jaykul – jaykul/powershell-notebook-base. The full exercise with code is hosted on Azure Notebooks. Azure Notebooks is a free hosted service to develop and run Jupyter notebooks in the cloud with no installation.

FOR THE FULL NOTEBOOK, VIEW MAXWELL'S POST ON MICROSOFT AZURE NOTEBOOKS

Conclusion

Commands in Git have options to format their output and produce data-rich textual output to the command line. PowerShell is an expressive shell language which allows quick sorting, filtering, and fluid operation on rich data types. Combining the two makes quick work of performing repository maintenance, producing reports, and integrating your repository with other tools.

Using calculated metrics like commits ahead or behind creates the ability to automate process rules you might implement with your team. With all the rich data available through Git, there are bound to be several devops workflows your team can automate with PowerShell.

The alternate link may provide a better experience for those with lower resolutions.

Exchange 2010 is at the end of its journey, and what a long road it’s been! For many customers, it has been a workhorse product facilitating excellent communications with their employees. It’s sad to see the product go, but it’s time to look to the future, and the future is in the Microsoft Cloud with Exchange Online

What does End of Support mean for my organization?

email security exchange 2010 end of support risks

While Exchange 2010 isn’t necessarily vanishing from the messaging ecosystem, support of the product ends in all official capacities on January 14, 2020. Additionally, Office 2010 will be hitting the end of support on October 13, 2020, which means your old desktop clients will also be unsupported within the same year. What this means is that businesses using Exchange and Office applications will be left without support from Microsoft – paid or free. End of support also means the end of monthly security updates. Without regular security updates and patches from Microsoft to protect your environment, your company is at risk.

  1. Security risks – Malware protection and attack surface protection become more challenging as products are off lifecycle support. Any new vulnerability may not be disclosed or remediated.
  2. Compliance risks – As time goes on, organizations must adhere to new compliance requirements – for example, GDPR was a massive recent deadline. While managing these requirements on-premises is possible, it is often challenging and time-consuming. Office 365 offers improved compliance features for legal and regulatory requirements. The most notable is that Microsoft cloud environments comply with most regulatory needs, including HIPAA, FISMA, FedRAMP, and more.
  3. Lack of software and hardware support – Lack of technical support for problems that may occur such as bug fixes, stability and usability of the server, and time zone updates. Dropped support for interoperation with 3rd party vendors like MDM and message hygiene solutions can mean your end-user access can stop working. Not to mention the desktop and mobile mail solutions already deployed, or perhaps being upgraded, around this now decade-old infrastructure.
  4. Speaking of old infrastructure – This isn’t just about applications and services. For continued support and to meet compliance requirements, you must migrate to newer hardware to retain, store, and protect your mailbox and associated data. Office 365 absolves you of all infrastructure storage costs. That is a perfect opportunity, and often a justification in and of itself, to move to the cloud.

It’s time to migrate to Office 365 . . . Quickly!

There are many great reasons to move your exchange environment to a hosted environment in Office 365. The biggest one being your company will no longer have to worry about infrastructure costs.

Here are some other significant advantages that you won’t have to worry about:

  • Purchasing, and maintaining expensive storage and hardware infrastructure
  • Time spent keeping up to date on product, security, and time zone fixes
  • Time spent on security patching OS or updating firmware
  • Cost for licensing OS or Exchange Servers
  • Upgrading to a new version of exchange; you’re always on the latest version of Exchange in Office 365
  • Maintaining compliance and regulations for your infrastructure whether Industry, Regional or Government
  • With an environment of thousands of users and potentially unlimited mailboxes, absolving your admins from the day-to-day database, storage, server, and failover management is a huge relief and cost savings by having your team focus on Exchange administration.

Another big cost for on-premises is storage: data repositories for mailbox data retention, archiving, and journaling. This value cannot be overstated – do you have large mailboxes or archive mailboxes? Are you paying for an archiving or eDiscovery solution? If you consider Exchange Online Plan 2 licenses (often bundled into larger enterprise licenses such as E3 or E5) they allow for archive mailboxes of unlimited size. These licenses also offer eDiscovery and compliance options that meet the needs of complex organizations.

The value of the integrated cloud-based security and compliance resources in the Office 365 environment is immense. Many of our customers have abandoned their entire existing MDM solutions in favor of Intune. Data Loss Prevention allows you to protect your company data against exfiltration. Office 365 Advanced Threat Protection fortifies your environment against phishing attacks and offers zero-day attachment reviews. These technologies are just the tip of the iceberg and can either replace or augment an existing malware and hygiene strategy. And all these solutions specifically relate and interoperate with Exchange Online.

CHECK OUT OUR WHITEPAPER & LEARN ABOUT CLOUD-BASED APP MODERNIZATION APPROACHES

Some other technologies that seamlessly work with Exchange Online and offer integral protections to that product as well as other Microsoft cloud and SaaS solutions:

  • Conditional Access – Precise, granular access control to applications
  • Intune – Device and application management and protection
  • Azure AD Identity Protection – Manage risk levels for associate activity
  • Azure Information Protection – Classify and protect documents
  • Identity Governance – Lifecycle management for access to groups, roles, and applications

Think outside the datacenter

data center transformation services

There are advantages to thinking outside the (mail)box when considering an Exchange migration strategy to the cloud. Office 365 offers an incredible suite of interoperability tools to meet most workflows. So while we can partner with you on the journey to Office 365, don’t overlook some of the key tools that are also available in the Microsoft arsenal. These include OneDrive for Business, SharePoint Online, and Microsoft Teams; all of which could be potential next steps in your SaaS journey! Each tool is a game-changer in their own right, and each will bring incredible collaboration value to your associates.

AIS has helped many customers migrate large and complex on-premise environments to Office 365.

Whether you need to:

  • Quickly migrate Exchange to Exchange Online for End of Support
  • Move File services to OneDrive and SharePoint Online for your Personal drives/Enterprise Shares/Cloud File Services
  • Adopt Microsoft Teams from Slack/HipChat/Cisco Teams
  • Migrate large and complex SharePoint farm environments to SharePoint Online

Whatever it is, we’ve got you covered.

What to do next?

Modern Workplace Assessment for Exchange 2010

Take action right now, and start a conversation with AIS today. Our experts will analyze the current state and rollout migration of your organization to Office 365 quickly and seamlessly.

To accelerate your migration to Office 365, let us provide you a free Modern Workplace assessment to evaluate comprehensively:

  • Organization readiness for adoption of Office 365 (Exchange and desktop-focused)
  • Desktop-focused insights and opportunities to leverage Microsoft 365 services
  • Develop total cost of ownership (TCO) for migrating Exchange users to Office 365 including fees for licensing
  • Migration plans cover detailed insights and approaches for service migrations such as…
    • Exchange to Exchange Online
    • File servers, personal shares, and Enterprise shares to OneDrive for Business and SharePoint Online
    • Slack / HipChat / Cisco Teams to Microsoft Teams
    • SharePoint Server to SharePoint Online

GET AN ASSESSMENT OF YOUR EXCHANGE 2010 ENVIRONMENT

Wrapping Up

Migrating your email to Office 365 is your best and simplest option to help you retire your Exchange 2010 deployment. With a migration to Office 365, you can make a single hop from old technology to state-of-the-art features.

AIS has the experience and expertise to evaluate and migrate your on-premise Exchange and collaboration environments to the cloud. Let us focus on the business of migrating your on-premises applications to Office 365, so you can focus on the business of running your business. This is the beginning of a journey, but something AIS is familiar and comfortable guiding you to seamless and successful cloud migration. If you’re interested in learning more about our free modern workplace assessment or getting started with your Exchange migration, reach out to AIS today.

NOT SURE WHERE TO START? REACH OUT TO AIS TO START THE CONVERSATION.

End of Support is Coming

End of support for Windows Server 2008 and 2008 R2 is rapidly approaching. On January 14th, 2020 support for Windows Server 2008 and 2008 R2 will end; support for SQL Server 2008 and 2008 R2 already completed on July 9th, 2019.

Window Server Risks

What does this mean for my organization?

End of support means the end of monthly security updates and support from Microsoft. Without Microsoft’s regular security updates and patches to protect your environment, you expose your applications and data running on the platform to several risks. These risks may include the potential for security breaches, attacks, and compliance failure for important regulations such as GDPR, HIPAA, PCI, Sarbanes-Oxley, FedRAMP, and others. Read this datasheet for more details.

The requirements for maintaining compliant IT workloads vary depending on the regulation, but almost all of them forbid the use of unsupported software. Even if unsupported software is not officially prohibited, most compliance initiatives require the prompt performance of security patching. With this in mind, it’s particularly difficult for an organization to justify using software for which patches are no longer being created. Perhaps the most critical reason for IT professionals to migrate away from Windows Server 2008 and SQL Server 2008 before their end of life date, is that doing so is a matter of self-preservation.

The risks of not upgrading

Neglecting an end of life scenario can save a bit of money upfront; however, the risks associated with ignoring the end of support are far costlier. These issues vary in severity and can be anything – a security breach, an unfamiliar error message, or perhaps a compatibility problem. IT professionals don’t want to be in a situation where they need to explain to management that an issue has occurred, and can’t be addressed, because the workload impacted runs on unsupported software.

We understand that upgrading to a newer version of Windows Server and SQL server can be challenging and requires validation work. However, if your organization isn’t already acting on a plan to migrate and modernize your infrastructure before the end of support, you’re already behind.

Time to modernize

End of support is an ideal time to transform your IT platform and move your infrastructure and applications to the cloud. Nevertheless, it can be difficult to upgrade everything before the end of support deadlines. You cannot wait months and years or dedicate your IT organization to spend time upgrading your critical end of support IT infrastructure.

So how do you quickly ensure you can avoid potential critical security and compliance interruptions? What are my choices from here?

Move your servers to Azure as-is

The good news is Microsoft announced that Extended Security Updates would be available, for FREE, in Azure for 2008 and 2008 R2 versions of Windows Server and SQL Server. This support will be available for three more years after the end of support deadline. Despite this, organizations with the end of support technologies need a quick solution for migrating their IT infrastructure to Azure. Organizations must remain secure and compliant without taking months or years to create a strategic cloud transformation plan.

We often see the struggle to balance these two competing needs with large enterprise organizations who are faced with a myriad of legacy technologies and the pressure to modernize. The options are plentiful, the current infrastructure is complex, and decisions aren’t easy. This common scenario made us rethink how we can approach modernization, both quickly and strategically. Instead, address the immediate need to move out of a data center or end of support technology while working towards a well-thought-out cloud transformation roadmap. AIS CTO Vishwas Lele details this Two-Step approach to Cloud Transformation Journey using a Tactical “Lift-n-Shift” approach to rehost infrastructure on Azure.

Step 1: Move your end of support infrastructure into Azure as-is

Migrate your Windows Server and SQL Server applications to Microsoft Azure and breathe new life into your server infrastructure. The first step of this two-step approach perfectly aligns with the needs of migrating end of support workloads to Azure with minimal to no changes to your existing footprint (and near-zero downtime).

This positions you to:

  • Immediately meet deadlines for the end of support
  • Remain secure and compliant with critical business & industry regulations
  • Quickly leverage Azure capabilities (giving you tangible benefits)
  • Generate lasting cost-savings with Microsoft’s financially attractive ability to port your existing licenses to Azure

Some organizations shy away from a Lift-n-Shift approach. On the surface, it may seem wasteful, as we are duplicating your current footprint in Azure. However, by completing this effort in weeks, not months or years, duplication is minimized. Pair this with AIS’s FinOps methodology for cloud financial management best practices and significant savings can be achieved by moving your servers to an Azure-optimized infrastructure. By comparison, running your Windows Servers in AWS could be as much as 5 times more expensive to run Windows Server.

Step 2: Application innovation and modernization

Once you’ve started moving your on-premises infrastructure to the cloud, the modernization efforts begin, and a whole new world of opportunities to transform is realized. Even the modernization of your legacy applications can be accelerated by embracing the services of Azure cloud.

CHECK OUT OUR WHITEPAPER & LEARN ABOUT CLOUD-BASED APP MODERNIZATION APPROACHES

AIS has you covered with the migration of your infrastructure to Azure

With just a few months left for the Windows Server End of Support deadline (with the SQL deadline already passed), updating your IT infrastructure must be a priority to avoid business disruption. Even with standardized processes and years of experience, deploying new versions of Windows and SQL Server is no small task in the enterprise.

Our experts have Azure covered so you can focus on doing business. AIS can help you jumpstart this process with a comprehensive cloud migration assessment. Our program gives you flexibility in gauging readiness to leverage cloud technology for your servers. By using machine learning and data collection, we can provide you a portfolio inventory, data-driven insights, and recommendations to aid in defining your migration strategy. Also, we’ll provide detailed economic costs to run your servers in the cloud. You’ll have a clear line of sight into the cost of running your servers in the cloud, as well as a clear roadmap for migration.

With this assessment, we can quickly prepare your cloud infrastructure and to begin migrating servers to an environment that’s scalable and secure. We can get you migrated soon with our extensive experience and expertise.

Start you Azure migration planning today!

The time to act is now! While most coverage surrounding the end of support appears to emphasize the negative aspects, organizations that approach the situation through the right lens stand to reap the benefits of modernization.

Part of this approach requires organizations to choose a trusted and capable partner with the experience and skillsets to ensure a successful migration. With the impending deadlines quickly approaching, it’s time to take action.

Let AIS accelerate your end of support migration to Azure, starting with a cloud migration assessment, followed up a roadmap and the execution of an expert migration strategy.

GET AN ASSESSMENT OF YOUR WINDOWS SERVER 2008 WORKLOADS