Public Preview of Azure Migrate from VMware to Azure Stack HCI
We are excited to announce the public preview of Azure Migrate's latest functionality: seamless migration from VMware to Azure Stack HCI. This significant enhancement extends the power of cloud migration to the edge, offering cutting-edge performance and security while keeping your data securely on-premises. With Azure Migrate’s agent-less replication, minimal downtime, and network traffic optimized data transfer, this new capability ensures an efficient, smooth transition for your virtualized workloads. Explore the Azure Migrate today and experience the next evolution of virtualization and cloud integration.Azure Stack HCI version 23H2 is generally available
Today we’re announcing the general availability of Azure Stack HCI version 23H2, and the Azure Arc infrastructure needed to provision virtual machines and Kubernetes clusters, and Azure Virtual Desktop for Azure Stack HCI. Together, these capabilities enable an adaptive cloud approach, empowering customers to deploy and operate everything from hardware to applications using Azure Resource Manager and core Azure management services.
The latest security enhancements for Azure Stack Hub
Security has always been at the heart of Azure. As we strive to deliver the latest security innovations to our customers, our team has improved the end-to-end experience from user workloads through the underlying infrastructure. With today’ security news and announcements, we’re sharing enhanced tools from Azure, from our partners, and Azure Stack Hub that enable you to improve your security posture. Azure Security tools: Azure Sentinel and Azure Security Center https://azure.microsoft.com/en-us/services/azure-sentinel/ recently added support for workloads running on Azure Stack Hub. Azure Sentinel enables you to detect threats and respond smarter and faster though Azure powered artificial intelligence. To learn more about this integration, click https://docs.microsoft.com/en-us/azure/sentinel/connect-azure-stack. We’re also bringing our ongoing investment in cloud security with Azure Security Center to Azure Stack Hub. https://azure.microsoft.com/en-us/services/security-center/ is a unified infrastructure security management system that strengthens the security posture of your data centers and provides advanced threat protection (including server Endpoint Detection and Response - EDR) across your hybrid workloads. With Azure Security Center, you can receive actionable, prioritized security recommendations, powered by https://docs.microsoft.com/azure/security-center/security-center-secure-score, in order to assess the security of your Windows and Linux VMs running on top of Azure Stack Hub and improve your compliance with regulatory standards. To learn more about this integration, click https://docs.microsoft.com/en-us/azure/security-center/quick-onboard-azure-stack. How Partners are Adding Security Expertise to Azure Stack Hub Many of our customers operate Azure Stack Hub in regulated or classified environments, where hardware protection and generation of keys and secrets are required. We https://azure.microsoft.com/en-us/blog/azure-stack-iaas-part-3/ our work with Thales to bring the https://www.thalesesecurity.com/products/key-management/ciphertrust-cloud-key-manager solution to the Azure Stack Hub marketplace. CCKM enables customers to upload, manage, and revoke keys to and from Azure Key Vaults running in either Azure Stack Hub or Azure, all from a single pane of glass. Thales CCKM works with Azure and Azure Stack Hub “Bring Your Own Key” (BYOK) APIs to enable such key control. CCKM creates Azure-compatible keys from a FIPS 140-2 source, like the https://www.thalesesecurity.com/products/data-encryption/vormetric-data-security-manager that can achieve FIPS 140-2 Level 3 compliancy. CCKM supports both Azure Active Directory (AAD) and Active Directory Federation Services (ADFS) deployments, hence it can run in air-gapped or disconnected environments. For customers interested in obtaining vulnerability reports and DISA STIG assessments of the Azure Stack Hub infrastructure, we’re happy to announce that Qualys has made them generally available from the https://www.qualys.com/azure-stack/. With each Azure Stack Hub update release, Microsoft will provide to Qualys a new vulnerability report generated with the Qualys Cloud Platform, enabling our customers to have the latest report available to meet their compliance requirements. Customers can also use Qualys Virtual Scanner Appliances, Qualys Cloud Agents or Qualys Container Sensors to assess their Azure Stack Hub workloads, including Kubernetes-based containers. Splunk recently released a dashboard for the Azure Stack Hub infrastructure. The dashboard uses Azure Stack Hub domain-specific knowledge to enable Azure Stack Hub operators to closely monitor important security events, such as code integrity violations, privileged endpoint access or suspicious activity via Windows Defender. This will allow organizations to have greater visibility into their Azure Stack Hub environment and reduce time to remediate. The https://splunkbase.splunk.com/app/4559/ and the https://splunkbase.splunk.com/app/4558/ are available for download on Splunkbase. Infrastructure Updates Further Enhance Azure Stack Hub Security At the Azure Stack Hub infrastructure level, with the 1910 release, Azure Stack Hub now uses 4096 bit RSA keys for the internal certificates, supports AES256 for data at rest encryption and Kerberos authentication, SHA384 for VPN encryption and it complies with the Committee on National Security Systems - Policy 15 (CNSSP-15) which provides best practices for the use of public encryption standards for secure information sharing. Beginning with the 1908 release, Azure Stack Hub runs in FIPS mode and the data at rest encryption secrets are persisted in the Trusted Platform Module (TPM) 2.0 chips. The 1906 release brought the capability of Azure Stack Hub operators to enforce the https://docs.microsoft.com/en-us/azure-stack/operator/azure-stack-security-configuration on the external endpoints. This new capability helps Azure Stack Hub operators to secure their communications by using the more secure TLS 1.2 as the only TLS version allowed. In preparation for this new capability, we also validated TLS 1.2 for the virtual machines extensions in the Azure Stack Hub marketplace so that you can secure your end-to-end communications with Azure Stack Hub and the workloads running on top of it. Starting with the 1906 release, we have been adding improvements to the internal secret rotation engine as we work through making it fully autonomous. We also added a safeguard to prevent the expiration of internal secrets by forcing internal secrets rotation in case a critical alert on expiring secrets is ignored. As we continue to work on security features for Azure Stack Hub, let us know if there are first or third party features that you would like to see in Azure Stack Hub by leaving a comment below.
Hyper-V VM Migration to Azure Stack HCI, version 23H2
Written by Kerim Hanif, Senior Program Manager on the Azure Edge & Platform team Azure Migrate is a unified platform that simplifies migration, modernization, and optimization of on-premises resources to Azure. We have been working very closely with Azure Migrate team to add more destinations for Azure Migrate like VMware and Hyper-V. Last year we launched the private preview of Hyper-V virtual machine (VM) migration with Azure Migrate, and today we are very happy to announce the public preview of this capability. Note: VMware migration is currently in private preview. Please fill this form if you would like to be part of the private preview and help us build a high-quality migration capability. What is new in this public preview? This feature enables you to migrate your Windows and Linux VMs running on Hyper-V to Azure Stack HCI, version 23H2 clusters (GA as of Feb 1 st of this year). A wide range of source environments starting from Hyper-V on Windows Server 2012 R2 to Windows Server 2022 are supported. This feature uses the agentless migration option of Azure Migrate. This means that you don't need any prep such as installing an agent on the source VMs. All you need are two appliances, one on the source, and one on the target. While you can manage, monitor, and configure via the cloud (Azure Migrate), the data transfer between the source and the target is kept local. All the migrated VMs are Arc-enabled by default. This means that the full power of Arc VM management is immediately available to you once the migration is complete. Migrating variety of VMs (Windows and Linux) from Hyper-V to Azure Stack HCI How to get started? Make sure that you have an Azure Stack HCI cluster running version 23H2. Create a migration project in Azure Migrate. Discover the VMs on your source Hyper-V servers and clusters. Select the VMs you want to migrate and start replicating them to the target Azure Stack HCI cluster (source VMs can continue running at this stage). When ready, start the migration, and migrate your VMs with minimal downtime. Track the progress from the Azure portal. Where to learn more? For more information and detailed steps, please visit the following links: Options for migrating virtual machines to Azure Stack HCI (preview) Use Azure Migrate to move Hyper-V VMs to Azure Stack HCI (preview)
Azure Stack Announcements at Build 2020
Although Microsoft Build 2020 is a virtual event, we’ve got lots of new announcements and features we can’t wait to get into your hands: New Container related Services on Azure Stack Hub New Development empowerment tools New Management & Operation functionality Hardware innovation New Ecosystem & Industry Solutions Here’s a peek at what we’ve talked about this week: New Container related Services on Azure Stack Hub We’re constantly working to bring Azure services on-premises via Azure Stack Hub. As we strive to enable cloud-first technologies in our customer’s datacenters, we’ve been focused on providing seamless deployment and management of container-based applications at the edge. Expanded Azure Kubernetes Service on Azure Stack Hub We’re excited to announce that we’re starting to recruit customers for the private preview of the Azure Kubernetes Service resource provider on Azure Stack Hub. If you need Kubernetes clusters in production today, you can use the AKS engine which is already generally available. But preview we are recruiting customers for is for the AKS resource provider. This is the same resource provider that enables seamless deployment and management of Kubernetes clusters in Azure today. The AKS resource provider builds on the AKS engine to further simplify the creation and maintenance of Kubernetes clusters and provide the same user experience, CLI and APIs across public cloud and private cloud environments. Users can sign up for the private preview here: https://aka.ms/ash-aks-private-preview. Azure Container Registry on Azure Stack Hub Private Preview Azure Container Registry (ACR) enables our customers to create secure, private container registries in Azure, allowing them to store and receive Open Container Initiative (OCI) compliant artifacts on Azure’s resilient infrastructure. We’re bringing this capability to Azure Stack Hub. With the private preview of ACR on Azure Stack Hub, customers will be able to use ACR to create private container registries on-premises, in connected or disconnected modes. We are recruiting customers for an upcoming private preview. Users can sign up for the private preview here: https://aka.ms/ash-acr-private-preview New Developer empowerment tools An important pillar of the Azure Stack family is developer consistency. Ensuring that developers can use the same tools to develop and deploy code in Azure and on-premises increases developer efficiency and allows developers to spend more time tackling problems relevant to their business. New Az PowerShell Modules for Azure Stack Hub Azure Stack Hub now supports the use of the Az PowerShell modules for Azure. This release enables cross-platform connectivity via PowerShell to Azure Stack Hub instances, while ensuring hybrid consistency with Azure. Azure Stack Hub will utilize the Az modules moving forward. We’re also introducing support for new resource providers on Azure Stack Hub. Users can now use PowerShell to interact with the Azure Stack Edge, Event Hub, and IoT Hub resource providers on their properly configured Azure Stack Hub deployments. This is available through the Az PowerShell installer. Users can follow the instructions at https://aka.ms/InstallPowerShell. New Support for Windows Containers & Azure CNI on Hub The Azure Containers team is always innovating to bring the latest in container technology to Azure and Azure Stack Hub. We’re enabling support for Windows containers in the Azure Kubernetes Service engine, which uses automation to deploy Kubernetes clusters into Azure and Azure Stack Hub. In keeping with our promises of Azure compatibility, we’re also releasing the Azure Container Networking Interface plug-in, enabling customers to deploy and manage their own Kubernetes clusters with native Azure networking capability by default. This release, which will come as an update to the Azure Kubernetes Service engine, expands the capabilities of Kubernetes clusters on Azure Stack Hub. New Management & Operation functionality As the number of Azure Stack Hub and Azure Stack Edge deployments grow, Microsoft and our ecosystem partners have created tools that allow centralized management of Azure Stack Hub instances from a single portal, centralized management of multiple Azure Stack-deployed Kubernetes clusters from Azure using Arc, and other on-premises cloud resources. Azure Stack Hub Administration experience from Azure Preview Initially announced at Ignite 2019 as part of the Edge Manager solution, we’re starting a preview program of our Azure Stack Hub Admin experience from Azure at the end of the summer. Azure Stack Hub Administration from Azure gives Azure Stack Hub administrators the ability to view operations data about one or more Azure Stack Hub deployments through a central interface running in Azure. Administrators will soon be able to use a single pane of glass to view alerts and take actions such as rolling out software updates across their Azure Stack Hub fleet directly from a central location in the cloud. CloudAssert Multi Stamp and Multi Cloud Management Solution for Azure Stack Hub Cloud Assert, an ISV partner, is announcing the availability of their Multi-Cloud Management toolset that runs in disconnected mode. Their solution allows Azure Stack operators to manage multiple Azure Stack Hubs through a single pane of glass either directly from the Azure Stack Hub portal or through their standalone interfaces. The offering also provides functionality for tenant users to deploy and manage resources on different Azure Stack Hubs from a single location. In addition to these management features, Cloud Assert's existing solutions such as Usage and Billing for Azure Stack Hub now support collecting usage from multiple instances and generating aggregated reports and invoices. You can read more about their offering here: https://www.cloudassert.com/Product/Microsoft-Azure-Stack-Hub/Multi-Stamp-Management Azure Arc Support for AKS Engine Clusters Today, Microsoft is bringing new capabilities to Azure Arc to help customers simplify and streamline their on-premises, edge and multi-cloud investments. Beginning in summer 2020, Azure customers using Arc will be able to manage Kubernetes clusters deployed through the Azure Kubernetes Service engine on Azure Stack Hub. This enables central management of an organization’s Kubernetes clusters from Azure using Arc, no matter where they’re hosted. ManageIQ (CloudForms) Public Preview IBM and Microsoft are excited to announce a preview of ManageIQ, formerly known as Red Hat CloudForms, for Azure Stack Hub. ManageIQ is an IBM platform that allows cloud operators to manage their resources on Azure Stack Hub platforms, such as virtual machines, and track usage data. In addition, ManageIQ enables Azure Stack Hub to be managed by IBM’s robust technical tooling. Since our partnership announcement four years ago, Red Hat, IBM and Microsoft have seen immense value delivered to our customers, from co-support of hybrid cloud deployments to waves of upstream innovation for expanded Linux capabilities. Hardware Innovation Our Azure Stack Hub hardware and system integrator partners continue to up the ante with new form factors and hardware options for Azure Stack Hub. Soon, customers will be able to select Azure Stack Hub deployments with GPUs for machine learning, and remote desktop visualization. Azure Stack Hub is also expanding beyond the datacenter, with new form factors for deployment in unconventional environments. Avanade/HPE Edgeline Small Form Factor Azure Stack Hub Avanade, a valued cloud services partner, is offering customers a way to easily deploy and manage Azure Stack in remote locations like factories, oil rigs, retail locations warehouses, and all edges in between. Avanade offers Azure Stack Hub deployments using HPE’s Edgeline EL8000, a small form factor hub which does not require external cooling, making it ideal for locations like retail or manufacturing where a data center may not be available on site. Pairing Azure Stack Hub and HPE’s Edgeline EL8000 enables Azure services to transform businesses in new and exciting locations. GPU Hardware Previews Our customers have been asking for a way to supercharge their on-premises machine learning training and inferencing workloads. We announced at NVIDIAs GPU Technology conference a private preview for GPU-accelerated ML scenarios using Nvidia GPUs on Azure Stack Hub. Enabling rapid machine learning training and inferencing on Azure Stack Hub. The NVIDIA GPUs are the NVIDIA V100 and NVIDIA T4. The GPU will be available through an Azure Stack update for systems that have compatible hardware and are enrolled in the preview. In addition to machine learning, there is a demand for Azure Stack Hub deployments that enable graphics-intensive applications in a virtual environment. We’re also announcing a private preview for AMD GPU-based Azure Stack Hub systems, designed for remote visualization. This is the AMD Mi25 GPU. We are working closely with our hardware partners to bring these new capabilities to our customers. Hewlett Packard Enterprise is supporting the Microsoft GPU preview program as part of its HPE ProLiant for Microsoft Azure Stack Hub solution. “The HPE ProLiant for Microsoft Azure Stack Hub solution with the HPE ProLiant DL380 server nodes are GPU-enabled to support the maximum CPU, RAM, and all-flash storage configurations for GPU workloads,” said Mark Evans, WW product manager, HPE ProLiant for Microsoft Azure Stack Hub, at HPE. “We look forward to this collaboration that will help customers explore new workload options enabled by GPU capabilities.” With Dell, we’re working on the Dell EMC Integrated System for Azure Stack Hub https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fblog.dellemc.com%2Fen-us%2Funlock-real-time-gpu-driven-insights-with-azure-stack-hub%2F&data=02%7C01%7CAnjay.Ajodha%40microsoft.com%7C36bef8f4695b49815abc08d7fb5f2314%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637254258336132767&sdata=glasEWDRly%2BnpQ6dfNjgWF6HJiH5LXngvKdRfGz6%2BLM%3D&reserved=0 - NVIDIA V100 Tensor Core and AMD Mi25 GPU’s. As a leading cloud infrastructure provider, Dell Technologies helps organizations remove cloud complexity and extend a consistent operating model across clouds. These new configurations will provide customers increased performance density and workload flexibility for the growing predictive analytics and AI/ML markets. They will also come with automated lifecycle management capabilities and exceptional support. To participate in the Azure Stack Hub GPU preview, go to https://aka.ms/azurestackhubgpupreview today. New Ecosystem & Industry Solutions The Azure Stack family boasts an ever-growing independent software vendor (ISV) and partner ecosystem. Below are just a few of the many partners who have selected the Azure Stack family as the premier edge deployment platform for their solutions. Many of these partners have developed offerings targeted at a specific industry vertical and have a substantial knowledge of their selected industries. In addition to our partner and ISV solutions, Microsoft has developed a few first-party solutions designed to illustrate what’s possible with the Azure Stack family. Manufacturing Solution for AI in Factories As customers have become interested in edge computing, we’ve used several open-source projects to demonstrate the value of the Azure Stack family. Our latest release in this series of projects is a solution that brings low-cost computer vision to any manufacturing facility. Our solution, available on GitHub, guides customers with no data science practice or machine learning experience through the training and deployment of a machine learning model using an IP camera and objects of their choosing. Designed to run on Azure Stack Edge and Azure Stack Hub, and using Customvision.ai, Microsoft’s easy-to-use vision model training service, our customers can get up and running in hours. Our partner https://www.linkernetworks.com/blog-1 can help customers interested in deploying this solution at scale in production. We plan to add several other features and enhancements to the product over the coming weeks, so stay tuned. To try this solution, go to: https://aka.ms/factoryai Aware Group Solutions – Solutions for AI and IoT at the edge The Aware Group, an Azure Edge ISV partner based in New Zealand, is https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Faware.to%2Fpopulace&data=02%7C01%7Cchasat%40exchange.microsoft.com%7C10a7dfb6b4924f9f5e1308d7eb3c7245%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637236517163992087&sdata=K9qwBEBwv8EJAXCxMNaHSx0hmBgJ2k8%2Fgi1Fqzj0hmE%3D&reserved=0 for the Azure Stack family that extends the power of their current offerings to the edge. Their current offerings include IoT Edge modules that use AI to detect anomalies and perform noise classification. They’ll soon begin offering products and solutions that integrate their technology into vertical-specific scenarios. FHIR Server on Azure Stack Hub and Azure Stack Edge With the renewed focus on healthcare scenarios, we’re announcing a non-production version of Microsoft’s Fast Healthcare Interoperability Resources (FHIR) server designed to be deployed at the edge, on Azure Stack Edge and Azure Stack Hub. Deploying a FHIR server at the edge enables healthcare providers to securely cache and share patient data between their facilities and make de-identified data available to other groups. These new scenarios help the healthcare community collect, aggregate, and managed data where it’s generated. For more information, go to: https://aka.ms/azshealthcare Microsoft Research Project InnerEye – Coming Soon to Azure Stack Hub Microsoft Research, Microsoft Healthcare Next, and the Azure Stack teams are collaborating to bring https://www.microsoft.com/en-us/research/project/medical-image-analysis/ to Azure Stack Hub, enabling machine learning and analysis of medical scans at the edge. This summer, a solution will be made available that allows healthcare providers to easily train machine learning models on their on-premises data, building on model architectures developed by Microsoft Research Cambridge. Project InnerEye at the edge will allow healthcare providers and ISVs to provide low latency medical image analysis and comply with data handling regulations. Knowledgepark GmbH Selects Azure Stack Hub for German Healthcare Solution Knowledgepark GmbH, an Azure Stack ISV partner, in collaboration with Akquinet AG and Cloudian Inc. are announcing a healthcare-oriented cloud services platform for the German market, based on Azure Stack Hub integrated with Cloudian’s HyperStore ObjectStorage. Planned offerings based on this platform include electronic health record systems, and healthcare billing solutions. To learn more about Knowledgepark’s offering, go here: https://aka.ms/azshealthcare_partnerstory_Kpark Neal Analytics, with Microsoft and Intel, Unveils StockView Neal Analytics, in partnership with Microsoft and Intel, is taking the wraps off StockView, its new out-of-stock detection solution for medical supplies. StockView leverages Microsoft’s Azure Stack Edge devices, vision-based AI, and the Azure platform to automatically detect medical supply shortages and notify hospitals. To learn more about StockView, go here: https://aka.ms/azshealthcare_partnerstory_NealAnalytics We hope that you have a great virtual Build! Let us know what you think in the comments below. To learn more about the Azure Stack family, go here: https://azure.microsoft.com/en-us/overview/azure-stack/Azure Stack Hub extends capabilities on the Edge
As hybrid cloud continues to evolve, we are working to light up new scenarios in Azure’s Intelligent Cloud and Intelligent Edge. We have expanded the Azure Stack family portfolio and Azure Stack has been renamed to Azure Stack Hub, underscoring the central role of Azure Stack Hub in enabling edge scenariosAccelerate edge deployments with cloud-managed infrastructure and Azure Stack HCI version 23H2
Today we’re announcing Azure Stack HCI version 23H2, cloud-managed hyperconverged infrastructure that applies adaptive cloud principles to the full stack. Deploy and operate everything from hardware to applications using Azure Resource Manager and core Azure management services.
