Eight new service offerings added to Azure Government certification scope

[vc_row][vc_column][vc_column_text]Eight New Service Offerings Azure Government Cloud

Eight new service offerings added to Azure Government certification scope

Written by Derek Strausbaugh as seen on blogs.msdn.microsoft.com
We are pleased to announce the addition of Azure Resource Manager, Automation, Azure Batch, Log Analytics, Azure Media Services, Policy Administration Service/RBAC, Redis Cache, and Scheduler to certification scope in Microsoft Azure Government.
Each of these service offerings has received Joint Authorization Board (JAB) approval for addition to Azure Government’s P-ATO at the High Impact Level.  With the addition of these eight offerings, the total number of Azure Government offerings that meet the FedRAMP High baseline grows to 26 services; 20 more services than AWS GovCloud.
These services may be used by Federal, DoD and state and local government customers and partners building solutions on Azure Government who are required to meet rigorous compliance standards such as FedRAMP High, DISA L4, CJIS, ITAR, and IRS 1075.   The Azure Blueprint program is designed to facilitate the secure and compliant use of these and other Azure Government service offerings by providing solution accelerators and guidance concerning customer security responsibilities when architecting solutions in Azure.

About these services

Azure Resource Manager – Azure Resource Manager (ARM) enables you to repeatedly deploy your app and have confidence your resources are deployed in a consistent state. You define the infrastructure and dependencies for your app in a single declarative template. This template is flexible enough to use for all of your environments such as test, staging or production.
You put resources with a common lifecycle into a resource group that can be deployed or deleted in a single action. You can see which resources are linked by a dependency. You can apply tags to resources to categorize them for management tasks, such as billing as well as control who in the organization can perform actions on the resources by defining roles for users and groups.  ARM logs all user actions so you can audit those actions.
Automation – Azure Automation uses Windows PowerShell scripts and workflows – known as runbooks – to handle the creation, deployment, monitoring, and maintenance of Azure resources and third-party applications.  Automation runbooks work with Web Apps in Azure App Service, Azure Virtual Machines (Windows or Linux), Azure Storage, Azure SQL Database, and any service that offers public Internet APIs.
Azure Batch – Azure Batch makes it easy to run large-scale parallel and high-performance computing (HPC) workloads in Azure. Use Batch to scale out parallel workloads, manage the execution of tasks in a queue, and cloud-enable applications to offload compute jobs to the cloud.
Log Analytics – Log Analytics is a service in Operations Management Suite that helps you collect and analyze data generated by resources in your cloud and on-premises environments. It gives you real-time insights using integrated search and custom dashboards to readily analyze millions of records across all of your workloads and servers regardless of their physical location.
Azure Media Services – Azure Media Services offers broadcast-quality video streaming services to reach larger audiences on today’s most popular mobile devices. With features that enhance accessibility, distribution, and scalability, Media Services makes it easy and cost-effective to stream and protect your content to audiences both local and worldwide.
Policy Administration Service/RBAC – Azure Role-Based Access Control (RBAC) enables fine-grained access management for Azure. Using RBAC, you can grant only the amount of access that users need to perform their jobs.
Redis Cache – Based on the popular open source Redis cache—Redis Cache gives you access to a secure, dedicated cache for your Azure application usage.  It leverages the low-latency, high-throughput capabilities of the Redis engine. This separate, distributed cache layer allows your data tier to scale independently for more efficient use of compute resources in your application layer.
Scheduler – Azure Scheduler lets you invoke actions that call HTTP/S endpoints or post messages to a storage queue on any schedule. You can use Scheduler to create jobs that reliably call services either inside or outside of Azure and run those jobs on demand, on a regular or irregular schedule, or at a future date.
Azure is dedicated to expanding the number of offerings available to government customers and will continue to provide updates through our blog as well as adding covered offerings to the Microsoft Trust Center.

[/vc_column_text][/vc_column][/vc_row]

Microsoft brings together IT management and security for the hybrid cloud

[vc_row][vc_column][vc_column_text][vc_single_image image="10922" img_size="900x550" alignment="center"][vc_column_text]

Microsoft brings together IT management and security for the hybrid cloud

As written on blogs.technet.microsoft.com
As organizations adopt hybrid cloud models for IT, the challenges for operations management continue to increase. Among those challenges is the difficulty of securing these complex environments, which include resources on-premises as well as in hosted clouds, Azure or AWS. At the same time, the cost of breaches continues to rise – the average cost of a data breach to a single company is $3.5M. To help meet these challenges, today we are announcing the general availability of new and improved security features for Microsoft Operations Management Suite, a set of cloud-based services designed to help customers protect, detect and respond to security issues across hybrid cloud environments.
Operations Management Suite (OMS) is management for the cloud, from the cloud. Delivering analytics, automation, configuration, security, backup, and site recovery, OMS gives you the ability to increase visibility and control from the on-premises datacenter to the cloud. The advantages of cloud-based management include the ability to innovate faster, scale to meet expanding requirements, and get up and running without long deployment cycles. Using cloud-based security tools also ensures that you are always working from the latest information on threats. Security and management go hand in hand, because the same data that indicates a potential performance or health issue, might also indicate a security breach. By bringing security and management together in a single cloud-based offering, OMS provides the tools you need to address threats and remediate issues without the added complexity of point solutions.
Last week we announced the general availability of Azure Security Center, a set of tools to help customers gain visibility into the security state of their Azure resources, take control of cloud security policies, and both detect and respond to active attacks. With OMS Security we bring the security analytics that are built into Azure Security Center to hybrid cloud environments, giving you the capabilities you need to handle today’s evolving security threats. OMS Security leverages the same intelligence and detection that we use in Azure and is based on the security knowledge that we gain from running a hyper-scale cloud.
With OMS Security, you can quickly assess the security posture of your hybrid cloud environment and detect active security threats. OMS Security will continuously monitor the environment for security vulnerabilities such as missing critical security updates, antimalware, and recommended security configuration baselines. To detect active security threats and attacks, the service leverages powerful event analysis paired with threat intelligence derived from Microsoft’s own cloud experience. You can centralize management for protecting systems, as well as creating alerts, implementing automatic security updates across systems, and applying security policies. A simple approach to search and queries across all data sources lets you streamline the security audit process with easy access to comprehensive and actionable security log data. With these new capabilities, IT administrators can avoid being blindsided by a breach and alert the security team if they see indicators of compromise. Security response teams can then use the same simple search capabilities to rapidly get a view across operations and security data to help stop the threat.
The new Security service includes a broad range of tools to help you get deeper visibility across multiple aspects of the security landscape. Highlights include advanced threat detection and the Threat Intelligence dashboard, which lets you visualize attacks using the same data we use in Azure. For customers using Advanced Threat Analytics in Enterprise Mobility + Security (EMS), you can now view that information in OMS, giving you a single view of security for IT operations. The new Security Configuration Baseline Assessment identifies vulnerable OS configurations that could be exploited by an attacker. To see OMS Security in action, and get a deeper view on how these features can work for you, take a look at Operations Management Suite Security in this episode of Microsoft Mechanics.
To make it easier to get access to these solutions, we announced earlier this month that you can purchase OMS via a new subscription model. Existing System Center customers can get OMS as an add-on, extending the value of existing on-premises investments.

[/vc_column_text][/vc_column][/vc_row]