Friday, March 23, 2018

What’s In a Name? System Center 2019 aka SCOM 18/19xy

A few days ago Microsoft launched the public preview of Windows Server 2019 (in order to download the preview version one has to join the Windows Insider program). The Windows Server Team posted an article about this public preview release on their blog, to be found here.

Besides a high level overview of what’s new in this product (expected GA date second half of 2018), the same article makes this quite interesting statement: ‘…Finally, Window Server customers using System Center will be excited to know that System Center 2019 is coming and will support Windows Server 2019…’

SCOM 2019 or 18/19xy?
Since SCOM is an integrated component of the whole System Center stack, SCOM will be updated as well. Looking at the new naming convention however, I seriously doubt whether SCOM will be branded SCOM 2019.

Instead I expect a name like SCOM 18/19xy, EG 1806/1810/1901, depending on the exact GA date of Windows Server 2019.

What’s in a name?
More interesting is however, what kind of release of System Center will support Windows Server 2019, meaning SAC (Semi-Annual Channel) or LTSC (Long Term Servicing Channel)?

And this is where it gets a bit unclear. On the first sight one would expect that it will be a SAC release, simply because that’s the very nature of the SAC release cycle, in cadence with the SAC release cycle of Windows Server. And as stated by Microsoft, only the SAC releases will support the newest features. Support of Windows Server 2019 can be looked upon as a new feature.

SAC only or LTSC ‘extension’ included?
However, with the Windows Server 2019 release being a LTSC one (as stated in this posting, second item of the Q&A), changes are that the System Center 2019 release might be a LTSC one as well. So for this moment it can go two ways.

But no matter what kind of release System Center 2019 will be, I would be amazed when the current 1801 LTSC release of SCOM wouldn’t be extended in any kind of way in order to support Windows Server 2019 as well.

So also from a System Center support perspective the GA release date of Windows Server 2019 will be exciting as well…

Tuesday, February 27, 2018

SCOM Reporting Done Right – Join Savision’s ‘SCOM Reporting Essentials’ Webinar

The 1st of March 4 PM CET Savision organizes an online session, all about SCOM Reporting. This webinar is hosted by ‘SCOM Bob’, fellow MVP Bob Cornelissen and Savision’s Support Manager, Chris Malay.

Many tips & tricks will be shared during this webinar, so you can take your SCOM Reporting skills to the next level. Topics to be covered are:

  • Overview of the most useful types of reports for different stakeholders
  • Tips and tricks to test your reports and make sure they work all the time
  • How to avoid empty reports and other common SCOM reporting issues
  • How to automate reports and receive them via email every month

On top of it all, Savision’s FREE(!) SLA Reports Management Pack will be demonstrated.

This MP allows you to create a complete SLA overview report of all your Service Level Objectives and to analyze why SLA expectations were not met by showing a list of the most common alerts that triggered the health state change of the Service Level Objective.

In another posting I’ll write about this MP in more detail.

Friday, February 23, 2018

Free Azure Training Resources

For some time already (here and here for instance) Microsoft offers free Azure training resources. Since a few days Microsoft has updated the content of some of those offers, whereas existing  resources are extended.

Here are the related links:

  1. Azure Training and Certification
    Develop Azure skills you need for your job and career. Explore free online learning resources, hands-on labs, in-depth training, or get your expertise recognized with great deals on Azure certification.

  2. Azure Essentials
    Watch, Learn, and Try. Jump start your Azure learning. With Azure Essentials, you can: Learn Azure technologies in under an hour, access free Pluralsight courses and Hands-on Demos, track your learning progress and master the skills you need for cloud roles.

  3. Hands on labs
    Acquire the cloud skills you need, at your own pace. Enjoy hands-on learning on your schedule with our free, Self-paced Labs, and keep your cloud knowledge fresh.

Even though I am not sure whether ‘only’ these trainings will deliver enough knowledge and experience in order to pass for an Azure exam, it sure is a good starting point. Later on you can follow additional trainings, whether based on the classic model (classroom), or modern variants, offered by many Microsoft Learning Partners.

None the less, there is no excuse anymore for not understanding Azure Smile.

Thursday, February 22, 2018

Cross Post: SCOM 1801 Upgrade Pitfall With SCOM Reporting Instance

Got this one from the blog of Robert Bird, senior Premier Field Engineer for Microsoft UK. So all credits go to him.

When updating SCOM 2012 R2/2016 to SCOM 1801 you MUST install the SCOM Console (the UI, not the Web Console!!!) on the SSRS instance (the SCOM Reporting server) FIRST.

Otherwise the upgrade of the SCOM Reporting instance will fail. And installing the SCOM Console AFTERWARDS (when the first upgrade has failed) and rerunning the upgrade won’t do.

Go here for the original webposting.

Myth Busting: Windows Defender Sucks. !!!NOT!!!

Too many times I hear from people that they don’t want to use Windows Defender. Why? ‘…Because it’s bad and/or because it sucks…’ Duh! Time to bust that myth since the reality is quite different.

Before I take a deeper dive into it, let me show you this:


As you can see, Windows Defender (version 4.12 specifically) performs very well. Moreover when you consider it’s FREE! Microsoft offers it for NOTHING, zip, nada! And still it delivers and performs! Awesome! And now let me tell you the WHY behind it all.

01 – Darwin’s Law also applies to Windows…
As AV-Test states: There are over 600 million adversaries for Windows! Yes, that’s HUGE! This could work out two ways: Either Windows as a platform ceases to be because of the overwhelming odds against it, OR it adapts, evolves and because of it, becomes stronger.

Since Windows is still around, it seems that the latter has happened! Not without any bumps, quircks and glitches. But still, when looking at ‘the latest & greatest’, Windows 10 I mean, this is true.

By cutting out the weak code, rewriting whole parts of the Windows stack and rethinking about how ‘to do stuff’ Windows has evolved BIG time.

02 – Security is a hard requirement
Microsoft can’t afford it anymore to depend on other vendors for the security of their own ecosystem. This ecosystem begins with your Windows based device and expands into the cloud.

Microsoft has stated some years ago ‘…to be all in…’. And this isn’t marketing mumbo jumbo. Even more with the new mantra ‘mobile and cloud first’, security has become paramount. Whole Microsoft’s future is in the cloud, where your Windows device is just one of the many entrypoints to those cloud based services.

As such, Azure and the entrypoints running Windows have to be safe!

03 – Security Centers, big data and machine learning
So Microsoft not only invests big time in new Azure regions (MEGA datacenters), but also in world wide coverage of security by rolling out security centers, collecting tons of data all about the latest threats. That data is crunched by their own Azure services (Machine Learning, Power BI and so on) in order to detect patterns and to predict the next probable attack vector.

This allows Microsoft to roll out definition files which contain the signatures/hashes of the latests threads. Because of it, Windows Defender grows in strenghth and usability.

04 – The circle
Because Windows Defender is FREE and many people use it on a daily basis, it has a huge install base. As such Windows Defender is the first line of defense against many virusses, worms, trojans and the lot. Much of this information is anonymized and send back to Microsoft’s security centers, allowing them to crunch that data as well.

Because of this information, the next generation of the Windows Defender antimalware client and related definition files becomes even better.

And no, don’t be afraid. Windows Defender won’t send out any other information without your explicit consent:

05 – Security begins by yourself!
But please know that security is also your OWN responsibility.You’re the starting point of it all. A good start is to run an up-to-date operating system. When it’s Windows based, go for Windows 10. Forget about the previous versions.

Endpoint Protection
This product/service is the enterprise equivalent of Windows Defender. There are two choices available, on-premise (SCEP, System Center Endpoint Protection) or the cloud based service, Microsoft Intune Endpoint Protection.

Both run the same engine and use the same definition files, providing the same level of protection as Windows Defender. On top it all, it delivers centralized management of the configuration, like the type of scans, exclusions, the responses when something is found and so on.

Gone are the days that Microsoft’s antivirus solution didn’t work properly. Instead it has grown up to a level where it competes with well known antivirus solutions from other vendors. Of course, per situation a certain solution works out better, like more advanced central management, remidiation and so on.

But still, Windows Defender delivers on what’s meant to do: protect your system(s) against all kind of threads, or as AV-Test states ‘adversaries’.

Next time I bump into someone stating Windows Defender ‘…isn’t good enough…’ I’ll send him/her the link to this posting first Smile

Monday, February 19, 2018

Project Honolulu: No SCOM/OMS Replacement

For some time now there is a preview version of Microsoft Project Honolulu available. This is a new web based platform for locally or remotely managing Windows based systems. As such it also delivers a set of tools, providing a ‘one-stop-shop’ for the admins.

Best part of it all is that there is NO Azure connection required. Instead you only install it locally on a server (Windows Server version 1709 or Windows Server 2016) in ‘Gateway Mode’. It can also be installed on Windows 10 in ‘Desktop Mode’. Good to know as well: The web application created by Project Honolulu DOESN’T work with IE! Instead use Google Chrome or Edge.

Project Honolulu supports management of Windows Server version 1709, Windows Server 2016, Windows Server 2012 R2 and Windows Server 2012.

Even though there is a lot more to tell about Project Honolulu, I won’t do that. Why? Fellow MVPs Charbel Nemnom and Thomas Maurer  already posted some very good articles about it, so there is no need to repeat it here. Just read their postings when you want to know more about it. Kudo’s to the both of them.

Is Project Honolulu the new on-premise SCOM/OMS?
Therefore I wrote this posting, in order to ask that question. Because I got some feedback out of the field, like: ‘Why use SCOM/OMS if there is Project Honolulu on the horizon?’.

A valid question which needs a good answer.

First let me start with the statement made by Microsoft itself: ‘…It is complementary to System Center and Operations Management Suite, and is not intended to replace these products and services…’.

On the same webpage is also stated what Honolulu is aimed at: ‘…Honolulu is a locally deployed, browser-based, management tool set that enables on-premises administration of Windows Servers with no Azure or cloud dependency. Honolulu gives IT Admins full control over all aspects of their Server infrastructure, and is particularly useful for management on private networks that are not connected to the Internet…’.

IMHO, the real strength of Honolulu is that it enables fast and remote management of Windows Server 2016 Core installations. Until now many organizations refrain from installing core because of the additional administrative burden it creates. However, when Project Honolulu play out as intended, those additional administrative burdens may be a thing of the past.

Honolulu + SCOM/OMS
As you can see, Honolulu isn’t meant at all as a SCOM/OMS replacement. SCOM delivers the monitoring, OMS the analytics with ‘some’ workload specific monitoring (minus Set & Forget alerting!) whereas Honolulu enables the one-stop-shop for the management of the servers running the monitored workloads.

My own Honolulu experiences
I’ve played a bit with it. Not really tested it yet. None the less, it’s impressive how easy and fast it’s installed (in the matter of minutes). In production it will take a bit more time because a real certificate is the way to go, and perhaps some high availability as well. Still, the installation can be done within a few hours, which is quite an achievement for Microsoft Smile.

The web application is pretty fast. Good responses and many possibilities. I can imagine with this tool that it becomes the general management point for on-premise Windows servers.

Also the possibility to manage specialized workloads (see screenshot below), makes the platform even more powerful:

None the less, there are some features I would like to see

  1. Central repository
    One (the Honolulu admin) could add servers as required and everyone (with the right permissions) would see them as well;
  2. RBAC
    Within Honolulu additional permissions can be set, like what servers to manage and to what level, or better what tools are to be used for a specific kind of role;
  3. Categories
    Now one can only add an ‘endless’ list of servers. Why not categorize them per application/workload and so on? Enables a smarter RBAC as well when those categories are RBAC ‘sensitive’;
  4. Auditing
    Today, auditing is a hard requirement. So every action should be enabled for logging, based on  the company’s requirements;
  5. SCOM widget, Management Pack with additional tasks
    Why not publish the Honolulu web app in the SCOM Console? And while they’re at it, add some smart SCOM tasks to launch as well when a certain issue arises.

Just test drive Project Honolulu yourself and feel free to share your own experiences.