Microsoft Ignite 2018–Azure Migrate

I arrived late for this session because I was in a meeting. They were doing a demo of Azure Migrate.

Azure Migrate fo Discovery And Assessment

  • Agentless discovery
  • TCO calculation
  • Right-size and suitability
  • Azure Platform

The are “announcing” support for Hyper-V – it’s still in limited private preview.

Third Party Solutions

Cloudamize is just an assessment tool

  • Indepth performance analysis
  • Right-size compute and stoage options.
  • TCO calculations
  • Agentless
  • Assessments for migration to Azure SQL
  • Integrates into ASR to do the migration

Migration solutions:

  • ASR
  • Zerto
  • CloudEndure

Azure Site Recovery (ASR)

  • Easy to onboard – appliance wizard for VMware
  • Broad coverage for Windows and Linux
  • UEFI support for VMware and physical machines – converted to BIOS
  • W2008 32-bit support

They do a demo of Zerto for migrations. Then they demo CloudEndure.


They’re trying to simplify the process. Starting a limited private preview:

Assess > Migrate & modernize > optimize > secure & manage.

Going to use the new tabbed UI in the Azure Portal. You can import and assessment into a migration. Pick the ready machines that you want to migrate, optionally apply HUB and overrise VM sizing, OS disk, and availability set membership. This migration experience will ideally be used by the 3rd parties too.

System Center Capacity Planner End of Life

I just read a blog post by Microsoft staff that said System Center Capacity Planner is end of life and will have no new developments.  That’s a pity.  It’s a concept that was a really good idea, and could have extended to all products in the planning stages.

The idea was that Microsoft would model how their different products would work.  You would then describe your network and it would help you design a solution.  A simulation could be run to see how your hardware would handle the work loads.  Unfortunately it suffered from a few problems.  The product set never really grew beyond Exchange, SharePoint and Operations Manager.  The newer versions weren’t added.  And the available hardware models weren’t kept up to date.  Maybe if the model was open source it could have helped but it really needed Microsoft’s assistance.

On the Hyper-V front, I would have loved to see it integrate with data generated by MAP and OpsMgr/VMM to help you design a Hyper-V farm managed by VMM.  But that never came to be.

In the end, the results were just a recommendation and not to be 100% relied upon.

The post describes alternative sources for planning OpsMgr, SharePoint and Exchange.

Technorati Tags:

Auditing Your Data Centre

I have a strong dislike for auditing.  It’s a time consuming process.  But you know, if you use the right systems management tools it doesn’t need to be.  Microsoft’s Optimised Infrastructure model and Dynamic Systems Initiative preach automation and expertise built into the network.  The latest generation of System Centre allows for this.  Microsoft released a short white paper that looks at data centre auditing.  It’s not something I’d really considered until the last few months.

Network and some *NIX administrators have long used SYSLOG tools.  The idea is that all events are forwarded to a central store.  It gives a synchronised view of what is happening across a multitude of devices.  It allows for diagnostics.  But from an auditors point of view, it gives an audit trail of who did what and when.  You can get this sort of functionality going with Windows as well.  I’m not a network or *NIX admin but I’m guessing their security logs are not that different to one on a Windows box, i.e. lots of noise and they require significant time to filter through to figure out what was really going on.

System Centre Operations Manager (SCOM or OpsMgr) 2007 includes Audit Collection Services.  I first heard of ACS at TechEd Europe in Amsterdam in 2004.  It was going to be a standalone tool but after a lengthy delay it finally saw the light as a part of OpsMgr.  You can turn on ACS on your OpsMgr agents to enable centralised security logging for Windows platforms.  What makes it different to SYSLOG is that Microsoft’s developers have identified the important events that illustrate what is going on and they only forward those events to the ACS database.  The ACS database is separate to the rest of the OpsMgr databases so you can permission it differently, i.e. only your auditors or security staff would have access to it if required.

I don’t know if the new Cross Platform Extensions for OpsMgr will allow for ACS on Linux platforms.  I suspect that they won’t.  Anyway, you’re going to still need SYSLOG for your network devices.  From what I’m seeing recently, network monitoring tools (which are often freeware) seem to run and be supported best when running on Linux.  Yes, you read that on my blog … something running best on Linux.  I am open to non-MS products!

That’s great for monitoring your security activities, but that’s only half of the story.  You need to build a secure and regulatory complaint infrastructure and maintain that integrity.  I knew a security consultant in Germany who spent a huge amount of time building an automated auditing tool set that dumped data into a central store and allowed for reporting.  It covered all sorts of platforms.  It was a really great idea.  But this guy was an alpha geek.  Owning and running that toolset required his level of abilities, I’m guessing.

System Center Configuration Management (SCCM or ConfigMgr) 2007 features Desired Configuration Management (DCM).  DCM allows you to use either a set of pre-built or custom made templates to audit your Microsoft network on a recurring and automated basis.  That means there’s no more logging into each box to check out the configuration of the box.  Everything is automated.  You’re also building that expertise into the network by using templates.  Heck, Microsoft even gives away a set of DCM packs for the products to cover regulators like SOX, FISMA, EUDPD, HIPAA and more!  Now you can just tell your auditors to run a report to see the configuration health of your network.  No more wasted admin or auditor time or complexity, e.g. delegated admin rights on servers and applications.  The DCM tool is easy enough to get your head around in order to build your own templates for auditing 3rd party or internal applications. 

If you’re in a regulated market, e.g. finance, health, pharmaceuticals, etc, then you’re probably required to have these sorts of controls.  If you’re using System Centre then it makes sense to look into and enable these functions to make your job easier.  Sure, you may require another server and some storage but when you compare time savings VS capital costs, there’s really only one logical way forward: build that expertise into the network and leverage the available automation.

Infrastructure Planning and Design

Want to do a best practice deployment of new Microsoft technologies?  If so, have a read of the IPD documents.  Of note are new documents for SCOM 2007, SCVMM 2008, IIS7 and NAP.

"The Infrastructure Planning and Design (IPD) guides are the next version of Windows Server System Reference Architecture. The guides in this series help clarify and streamline design processes for Microsoft infrastructure technologies, with each guide addressing a unique infrastructure technology or scenario.

  • Infrastructure Planning and Design guides share a common structure, including:
  • Definition of the technical decision flow through the planning process.
  • Listing of decisions to be made and the commonly available options and considerations.
  • Relating the decisions and options to the business in terms of cost, complexity, and other characteristics.
  • Framing decisions in terms of additional questions to the business to ensure a comprehensive alignment with the appropriate business landscape.

These guides complement product documentation by focusing on infrastructure design options.

Each guide leads the reader through critical infrastructure design decisions, in the appropriate order, evaluating the available options for each decision against its impact on critical characteristics of the infrastructure. The IPD Series highlights when service and infrastructure goals should be validated with the organization and provides additional questions that should be asked of service stakeholders and decision makers.

IPD consists of the following downloadable packages:

  • New! System Center Operations Manager 2007
  • New! System Center Virtual Machine Manager 2008
  • New! Internet Information Services 7.0
  • New! Selecting the Right NAP Architecture
  • Infrastructure Planning and Design Series Introduction
  • Microsoft SoftGrid Application Virtualization
  • Selecting the Right Virtualization Technology
  • Windows Deployment Services
  • Windows Server 2008 Active Directory Domain Services
  • Windows Server 2008 Terminal Services
  • Windows Server Virtualization (for Windows Server 2008 Hyper-V and Virtual Server 2005 R2 SP1)

The guides are available as individual downloads or as a single all-in-one package".

Credit: Kurt Roggen.