This month, Azure portal has updates to Azure Security Center and a new experience to Azure Migrate.
Sign in to the Azure portal now and see for yourself everything that’s new. Download the Azure mobile app to stay connected to your Azure resources anytime, anywhere.
Here’s the list of updates to the Azure portal this month:
Management and Governance
Let’s look at each of these updates in detail
Management and Governance
Azure Migrate is now a central hub to start, execute and track your migration journey
Azure Migrate has been enhanced to help you discover, assess and migrate applications, infrastructure and data from your on-premises environments to Azure. You can centrally track progress of your migration journey across multiple Microsoft and Independent Software Vendor (ISV) tools in Azure Migrate.
This release of Azure Migrate includes the following functionality:
- Extensible approach with choice across multiple Microsoft and popular ISV assessment and migration tools
- Integrated experience for discovery, assessment and migration with end-to-end progress tracking for servers and databases
- Rich migration planning capability for large-scale VMware and Hyper-V VM migrations to Azure
- Migration capability for lift-and-shift migration of on-premises VMware or Hyper-V VMs, AWS or Google Cloud VMs and physical servers to Azure infrastructure as a service (IaaS).
- Database assessment and Database migration capability for migration of on-premises databases to various database targets in Azure including Azure SQL Database and Managed Instance
To try out Azure Migrate:
- In the Global Search box, type Azure Migrate and click it under Services when it shows up.
- Alternatively, you can click the All Services button on the left-navigation menu and select Azure Migrate, under the Migrate category
- Pick one of the options:
- Click Assess and migrate servers to discover, assess and migrate your on-premises VMware and Hyper-V virtual machines or Physical servers to Azure.
- Click Assess and Migrate Databases to assess and migrate your on-premises databases to Azure SQL Database Managed Instance or Azure SQL Database.
- Click Assess and Migrate Web Apps to assess and migrate .NET and PHP web apps to Azure's Platform-as-a-Service, Azure App Service.
- Click Order a Data Box to use the Data Box offline family of products to move large amount of data to Azure.
You can learn more about these enhancements on this blog post, or by reviewing our documentation for the step by step guidance on how to use Azure Migrate.
Cross-tenant management is now supported in Azure Security Center
Azure Security Center now supports cross-tenant management scenarios as part of Azure Lighthouse. This enables you to gain visibility and manage the security posture of multiple tenants in Azure Security Center.
For more information, see Cross-tenant management experiences.
To try out the new management experience:
- Open Security Center. In the Global Search box, type Security Center and click it under Services when it shows up.
- Alternatively, you can click the All Services button on the left-navigation menu and select Security Center, under the Security category
- In the Security Center page, click Security Policy in the menu, under the Policy and Compliance category.
- Browse through your subscriptions and management groups
New Azure Security Center recommendations
Security Center recommendations are actions for you to take in order to secure your resources. Azure Security Center periodically analyzing the security state of your Azure resources to identify potential security vulnerabilities. It then provides you with recommendations on how to remove them.
This month, we’re enabling you to use new networking and SQL-related recommendations. Some of the existing networking recommendations were updated. For more details, use the following resources:
Some Azure Security Center recommendations were removed
The “Access to storage accounts with firewall and virtual network configurations should be restricted (Preview)” recommendation has been disabled. Some Microsoft services, that interact with storage accounts, operate from networks that can't be granted access through network rules. To allow these services to work properly, there is a list of trusted Microsoft services that bypass the network rules. Currently, not all Azure services are included in this trusted Microsoft services list, and therefore, would not be able to access the storage if you follow this recommendation.
Even though the recommendation is no longer being used, the policy, to implement restricting access to storage accounts with firewall and virtual network configurations, is still available. Therefore, if you want to enable this restriction, you can go to the ASC default assignment in Azure policy, search for the Audit unrestricted network access to storage accounts parameter assignment in the policy and change it to Audit.
In addition, the recommendation and policy to enable encryption of storage accounts has been removed. Azure Storage is encrypted by default and cannot be un-encrypted. Therefore, Enable encryption of storage account recommendation and its corresponding policy, (Preview): Audit missing blob encryption for storage accounts have been removed. For more information, see Azure Storage encryption for data at rest.
Updates to Microsoft Intune
The Microsoft Intune team has been hard at work on updates as well. You can find the full list of updates to Intune on the What's new in Microsoft Intune page, including changes that affect your experience using Intune.
New videos on Azure portal “how to” video series
The following new videos are available to help you make the most out of the Azure portal:
- How to use deployment slots on Azure App Service. Watch here
- How to make the most out of Azure Advisor. Watch here
- How to create an Azure SQL database using all configuration options. Watch here
- How to create App Services in the Azure portal. Watch here
Have you checked out our Azure portal “how to” video series yet? The videos highlight specific aspects of the portal so you can be more efficient and productive while deploying your cloud workloads from the portal. Keep checking our playlist on YouTube for a new video each week.
The Azure portal’s large team of engineers always wants to hear from you, so please keep providing us with your feedback in the comments section below or on Twitter @AzurePortal.
Don’t forget to sign in the Azure portal and download the Azure mobile app today to see everything that’s new. See you next month!