Azure AD Group-based License Management Public Preview, Blob Auditing Hits GA

Azure AD Group-based License Management for Office 365 Public Preview, NPM and Diagnostics Service across public and hybrid clouds, Blob Auditing in Azure SQL Database is Generally Available.

Share online:

The public preview of group-based license management in Azure Active Directory, now will let administrators have access to easier tools to control "who gets a product license and which services are enabled."

"Admins will now be able to define a "license template" and assign it to a security group in Azure AD," says Microsoft.

This preview launched on Wednesday, also includes the ability to selectively disable service components in product licenses, making it possible to stage the deployment of large service suites such as Office 365 Enterprise E5.

Below, a few key facts about group-based license management:

  • Licenses can be assigned using any "security group" in Azure AD, whether synced from on-premises or created directly in Azure AD.
  • All Microsoft Online Services that require user-level licensing are supported.
  • The administrator can disable one or more service components when assigning a license to a group. This allows staged deployments of rich products like Office 365 Enterprise E5 at scale.
  • The feature is only available in the Azure portal.
  • Licenses are typically added or removed within minutes of a user joining or leaving a group.
Azure AD Group-based License Management for Office 365 Public Preview
Azure AD Group-based License Management for Office 365 Public Preview

Azure Government has received authorization to add 12 customer-facing services to its FedRAMP Provisional Authorization to Operate (P-ATO)—means, "Azure Government now offers 32 infrastructure and platform services to customers in Azure Government compliance boundary" – all authorized for use with up to High Impact level data.

Also announced on Wednesday, "the entire Operations Management Suite is now authorized for use," empowering Azure Government customers to take full advantage of the Hybrid Cloud.

Network Performance Monitor (NPM), a cloud-aware network monitoring solution in Operations Management Suite Insight & Analytics, which monitors networks for performance degradation and outages, is now available as on Wednesday.

Network Watcher – Network Performance Monitoring and Diagnostics Service for Azure
Network Watcher – Network Performance Monitoring and Diagnostics Service for Azure

The solution continuously tests for reachability between various points on the network across public clouds, datacenters and user locations, and enables application administrators to quickly identify the specific network segment or device that may be causing the problem.

Since public preview release last year, there's also new features and enhancements to aid in comprehensive monitoring and faster troubleshooting, including:

  • ICMP based reachability tests: NPM can detect connectivity using Internet Control Message Protocol (ICMP), in addition to TCP.
  • Network State Recorder enhancements enable the admin to view the state of the network at any point in the past.
  • Topology Map presents all the network paths between the endpoints and helps localize a network problem to a particular path.
  • NPM now leverages the alert management capabilities in OMS. Users can now get email-based alerts, in addition to the existing alerts within NPM.
  • NPM agents can now run on Windows desktops/client operating systems (Windows 10, Windows 8.1, Windows 8, and Windows 7), in addition to the previously supported Windows Server OS.
  • NPM agents can now test network connectivity from Linux workstations and servers including: CentOS Linux 7, Red Hat Enterprise Linux 7.2, Ubuntu 14.04 LTS, Ubuntu 15.04, Ubuntu 16.04 LTS, Debian 8, and SUSE Linux Server 12.
  • Improvements in search, enable quicker drill-down to the specific network and subnets that may be faulty, thereby enabling faster identification and remediation, writes the Azure team.

Azure Managed Disks and 1000 VMs in a Scale Set are now generally available, with added support to the Azure Python SDK.

"Azure Managed Disks provide a simplified disk management, enhanced scalability, and better security. It takes away the notion of storage account for disks, enabling developers to scale without worrying about the limitations associated with storage accounts," the team explains.

From a developer perspective, "the Managed Disks experience in Azure CLI is idomatic to CLI experience in other cross-platform tools. You can use Azure Python SDK and azure-mgmt-compute package 0.33.0 to administer Managed Disks. You can create a compute client using this tutorial. The complete API documentation is available on ReadTheDocs," added Azure team.

SQL Blob Auditing is now generally available in Azure SQL Database, and will be replacing Table Auditing, which has been generally available since November 2014, processing billions of daily queries.

"Existing Table Auditing customers are strongly encouraged to switch their database auditing to Blob Auditing," the Azure team said.

For those not aware, "Blob Auditing tracks database events and writes audited events to an audit log in your Azure Storage account." Auditing can "help maintain regulatory compliance, understand database activity, and gain insight into discrepancies and anomalies that could indicate business concerns or suspected security violations."

Additionally, Blob Auditing also supports Threat Detection for an additional layer of security to detect anomalous activities such :

  • Threat Detection alerts on suspicious activities and enables customers to investigate and respond to potential threats as they occur.
  • Customers can investigate events in the audit log correlated with the suspicious activity, without the need to be a security expert or manage advanced security monitoring systems.

"Blob Auditing will continue to provide high quality service that Table Auditing has been providing to thousands of SQL customers over the past two years," writes the Azure team.

Finally, in the Feburary Cloud Platform release announcements, Microsoft made the following products and services available:

Azure Command-Line Interface (Azure CLI) 2.0 reaches the general availability, means that customers can now use these commands in production, with full support by Microsoft both through Azure support channels and GitHub Issues.

The public preview of Storage Service Encryption (SSE) for Azure File Storage, when enabled automatically encrypted the data. "This enables IT organizations who want to lift and shift their on premises file shares to the cloud using Azure Files to protect their data at rest using industry standard 256-bit AES encryption."

Azure Search expands in the UK South Region now available in all public geographies.

DocumentDB ODBC Driver is now available, enabling users to renormalize data in DocumentDB so you can analyze the data and create reports using BI and Analytics solutions like Power BI and Tableau.

Power BI Desktop features are now available to business analysts with following new features:

  • Enhancements to Report view: word wrap on matrix row headers, X- and Y-axis font control, and line chart line thickness and join type controls.
  • Additional quick calculations: percent of row total & percent of column total.
  • Enhancements to data connectivity: ODBC and OLE DB connectors now support selecting related tables, unified text & CSV connectors, and PowerApps Common Data Service connector.
  • Solution Templates and Partner Showcase quick access: We've added quick access on the ribbon to two great resources: Solution Templates and the Partner Showcase. Solution templates let you use a wizard to very quickly and easily create a working end-to-end enterprise-ready Power BI solution. The Partner Showcase lets you browse our certified partners, see their work, and reach out if you are interested in working with them. If you're looking for resources to work with when creating your Power BI solutions, be sure to check these out!

Power BI service features are now available to end users and business analysts in the month of February:

  • Power BI data centers: Help customers find out where their Power BI data is stored; visit the Microsoft Trust Center—Power BI.
  • SharePoint Embed: Allows Powerbi.com reports to be embedded into SharePoint Online.
  • Dashboard SaaS Embed: Powerbi.com dashboards can now be embedded in custom apps. Sign in to powerbi.microsoft.com to experience the new features immediately.

SQL Server vNext Community Technology Preview (CTP) 1.3 is now available on both Windows and Linux, with several feature enhancements including High Availability and Disaster Recovery (HADR) for Linux and enabling customers to run Availability Groups without Windows Failover Clusters.

Customers can also create a Distributed Availability Group including replicas on both Windows and Linux to help with platform migration with minimal downtime. Preview in development and test environments today.

Azure CDN with support for Custom Domain HTTPS in public preview from Verizon to enhance the security of data in transit. "Use of HTTPS protocol ensures data exchanged with a website is encrypted while in transit." "Azure CDN already supports HTTPS for Azure provided domains (e.g. https://contoso.azureedge.net) and it is enabled by default. Now, with custom domain HTTPS, you can enable secure delivery for custom domains (e.g. https://www.contoso.com) too."

Azure Functions Proxies now in public preview, enables developers to easily create function proxies. "Developers can now create a single API definition for multiple function apps and backend services. This feature lets developers decouple the app-facing API from their backend services, thus shielding apps from any backend code changes," the team said.