Tag Archives: announced

Chinese, Iranian hackers targeted Trump and Biden campaigns

Google announced Thursday that state-sponsored Chinese and Iranian hackers targeted campaign staff of both Joe Biden and President Donald Trump in recent election attacks.

In a series of posts on Twitter, Shane Huntley, director of Google’s Threat Analysis Group (TAG), detailed the recent attempts by advanced persistent threat (APT) groups to compromise both presidential campaigns through phishing attacks, which he said were unsuccessful.

“Recently TAG saw China APT group targeting Biden campaign staff and Iran APT targeting Trump campaign staff with phishing. No sign of compromise. We sent users our govt attack warning and we referred to fed law enforcement,” Huntley wrote on Twitter.

In addition to confirming the attempted attacks, Huntley also attributed the activity to APT31, a Chinese hacking group also known as Zirconium, and APT35, Iranian hackers also known as Newscaster Team.  

A spokesperson from Google verified the hacking attempt in an email to SearchSecurity.

“We can confirm that our Threat Analysis Group recently saw phishing attempts from a Chinese group targeting the personal email accounts of Biden campaign staff and an Iranian group targeting the personal email accounts of Trump campaign staff. We didn’t see evidence that these attempts were successful. We sent the targeted users our standard government-backed attack warning and we referred this information to federal law enforcement. We encourage campaign staff to use extra protection for their work and personal emails, and we offer security resources such as our Advanced Protection Program and free security keys for qualifying campaigns.”

Phishing has been a major vector in previous election campaign attacks as well. For example, John Podesta, chairman of Hillary Clinton’s 2016 presidential campaign, fell victim to a phishing attack prior to the election.

An investigation by Atlanta-based cybersecurity firm SecureWorks Inc. uncovered a malicious link created with the Bitly URL-shortening service used by hackers to gain access to Podesta’s Gmail account. The Bitly account used to create the link was connected to a domain controlled by the Russian state-sponsored APT group known as Fancy Bear.

Go to Original Article
Author:

Cisco acquisition of ThousandEyes has many user benefits

Cisco plans to acquire internet intelligence vendor ThousandEyes. The acquisition, announced this week, would give Cisco customers better visibility into internet connections among the data center, branch offices and multiple cloud providers.

The Cisco acquisition is expected to be complete by the end of October. After the transaction closes, Cisco’s software-defined WAN customers would be the first to benefit from the combined company, said Shamus McGillicuddy, an analyst at Enterprise Management Associates.

Like most SD-WANs, Cisco’s Viptela product provides users with solid visibility into the virtual network, or overlay, between the SD-WAN at the branch and cloud applications. With ThousandEyes, Cisco would also provide intelligence on the underlay’s performance, which would be the public internet.

“Cisco has the opportunity to offer integrated visibility into both layers of a hybrid network,” McGillicuddy said.

ThousandEyes monitors the performance of traffic paths over the internet through software agents running on dozens of facilities owned by AWS, Google Cloud and Microsoft Azure. The vendor also has agents in the data centers of colocation partners, such as Equinix and Cogent, in more than 150 cities.

ThousandEyes customers also deploy agents on the virtual private clouds companies create to run applications on the infrastructure of public clouds. As a result, the vendor’s customers view internet performance from the software running on a cloud provider to the end user.

ThousandEyes and Cisco AppDynamics

Cisco is likely to provide some integration between ThousandEyes technology and AppDynamics, McGillicuddy said. The latter is Cisco’s product for monitoring the performance of applications and computing infrastructure in the data center.

ThousandEyes has many customers using its technology and AppDynamics as their primary performance management products, the company said.

McGillicuddy said Cisco could also package ThousandEyes with Cisco’s Duo Security two-step authentication service and its AnyConnect VPN software. The combination would provide Cisco customers with tools for improving application access for people working from home during the COVID-19 pandemic.

“This is something that is so important right now with so many people working from home,” McGillicuddy said. “I urge Cisco to focus on this opportunity.”

Cisco did not disclose how much it was paying for ThousandEyes, but Bloomberg reported the cost of the Cisco acquisition was nearly $1 billion. Cisco planned to fold the company into the networking services business unit.

ThousandEyes CEO and co-founder Mohit Lad will become general manager of the ThousandEyes operation, with CTO and co-founder Ricardo Oliveira continuing to lead product development.

Go to Original Article
Author:

Microsoft announces expiration of its exchange offers – Stories

REDMOND, Wash. — May 29, 2020 — Microsoft Corp. (NASDAQ: MSFT) (“Microsoft”) today announced the expiration of its offers to (i) exchange (the “Pool 1 Offer”) the ten series of notes described in the table below (collectively, the “Pool 1 Notes”) for a new series of Microsoft’s 2.525% Notes due June 1, 2050 (the “New 2050 Notes”) and a cash payment, as applicable, and (ii) exchange (the “Pool 2 Offer” and, together with the Pool 1 Offer, the “Exchange Offers”) the four series of notes described in the table below (collectively, the “Pool 2 Notes” and, together with the Pool 1 Notes, the “Existing Notes”) for a new series of Microsoft’s 2.675% Notes due June 1, 2060 (the “New 2060 Notes” and, together with the New 2050 Notes, the “New Notes”) and a cash payment, as applicable.

A Registration Statement on Form S-4 (File No. 333-237925), as amended by Amendment No. 1 thereto (the “Registration Statement”), relating to the issuance of the New Notes has been filed with the Securities and Exchange Commission (the “SEC”) and has become effective. The New Notes, upon issuance, will be registered under the Securities Act of 1933, as amended, pursuant to the Registration Statement.

The table below identifies the aggregate principal amount of each series of Pool 1 Notes validly tendered (and not validly withdrawn) in the Pool 1 Offer and the principal amount of each series of Pool 1 Notes, based on the order of acceptance priority for such series, that Microsoft expects to accept on the Settlement Date (as defined below):

Pool 1 Table
Title of Security CUSIP
Number
Consideration Exchanged for Acceptance Priority
Level
Principal
Amount
Tendered(1)
Principal
Amount
Microsoft Expects to Accept
4.875% Notes due 2043

594918AX2

New 2050 Notes

1 $325,428,000 $325,428,000
5.300% Notes due 2041

594918AM6

New 2050 Notes

2 $229,661,000 $229,661,000
4.450% Notes due 2045

594918BL7

New 2050 Notes

3 $1,711,663,000 $1,711,663,000
4.250% Notes due 2047 594918CA0 New 2050 Notes

4 $1,415,370,000 $1,415,370,000
5.200% Notes due 2039

594918AD6 New 2050 Notes

5

$191,455,000 $191,455,000
4.500% Notes due 2040 594918AJ3 New 2050 Notes

6 $428,829,000

$428,829,000

3.750% Notes due 2043 594918AU8

New 2050 Notes

7 $255,985,000

$255,985,000

3.750% Notes due 2045

594918BD5

New 2050 Notes

8 $1,109,437,000

$1,109,433,000

4.100% Notes due 2037 594918BZ6 New 2050 Notes

9 $1,569,224,000

$583,533,000

4.200% Notes due 2035 594918BK9 New 2050 Notes

10 $325,218,000 $0

 

  1. The aggregate principal amounts of each series that have been validly tendered for exchange and not validly withdrawn, as of 11:59 p.m., New York City time, on May 28, 2020 (the “Expiration Time”), based on information provided by the exchange agent to Microsoft.

The table below identifies the aggregate principal amount of each series of Pool 2 Notes validly tendered (and not validly withdrawn) in the Pool 2 Offer and the principal amount of each series of Pool 2 Notes, based on the order of acceptance priority for such series, that Microsoft expects to accept on the Settlement Date:

Pool 2 Table
Title of Security CUSIP
Number
Consideration Exchanged for Acceptance Priority
Level
Principal
Amount
Tendered(1)
Principal
Amount
Microsoft Expects to Accept
4.750% Notes due 2055

594918BM5 New 2060 Notes

1 $673,265,000 $673,265,000
4.000% Notes due 2055

594918BE3 New 2060 Notes

2 $1,456,150,000 $1,456,150,000
4.500% Notes due 2057

594918CB8 New 2060 Notes

3 $1,116,223,000 $1,116,223,000
3.950% Notes due 2056 594918BU7 New 2060 Notes

4 $1,693,876,000 $295,490,000
  1. The aggregate principal amounts of each series that have been validly tendered for exchange and not validly withdrawn, as of the Expiration Time, based on information provided by the exchange agent to Microsoft.

In the Exchange Offers, according to the information provided by D.F. King & Co., Inc., the information agent and exchange agent for the Exchange Offers, $7,562,270,000 aggregate principal amount of Pool 1 Notes and $4,939,514,000 aggregate principal amount of Pool 2 Notes were validly tendered and not validly withdrawn at or prior to the Expiration Time, as more fully set forth above.

The Exchange Offers expired at 11:59 p.m., New York City time, on May 28, 2020. Following the Expiration Time, tenders of the Existing Notes may not be validly withdrawn. As of the Expiration Time, all conditions to the Exchange Offers were satisfied. Microsoft currently anticipates that the settlement date of the Exchange Offers will be June 1, 2020 (the “Settlement Date”).

Based on the amount of Existing Notes tendered in the Exchange Offers and in accordance with the terms of the Exchange Offers, Microsoft expects to accept, on the Settlement Date, (a) the following Pool 1 Notes validly tendered (and not validly withdrawn): (i) all of the Pool 1 Notes listed in the Pool 1 Table above at Acceptance Priority Levels 1 through 7, (ii) $1,109,433,000 aggregate principal amount of its 3.750% Notes due 2045 (which is less than the amount tendered (and not validly withdrawn) due to minimum denomination requirements of the Exchange Offers) and (iii) $583,533,000 aggregate principal amount of its 4.100% Notes due 2037 with a proration factor for such notes equal to approximately 37.19% of such notes validly tendered (and not validly withdrawn) and (b) the following Pool 2 Notes validly tendered (and not validly withdrawn): (i) all of the Pool 2 Notes listed in the Pool 2 Table at Acceptance Priority Levels 1 through 3 and (ii) $295,490,000 aggregate principal amount of its 3.950% Notes due 2056 with a proration factor for such notes equal to approximately 17.44% of such notes validly tendered (and not validly withdrawn) as set forth above. Microsoft does not expect to accept any of the Pool 1 Notes listed in the Pool 1 Table at Acceptance Priority Level 10.

On the Settlement Date, Microsoft expects to deliver an aggregate principal amount of $6,249,997,000 of New 2050 Notes and an aggregate principal amount of $3,750,000,000 of New 2060 Notes and cash payments, as applicable, pursuant to Microsoft’s prospectus dated May 19, 2020 (the “Prospectus”), filed with the SEC on May 19, 2020, relating to the New Notes.

 About Microsoft

Microsoft (Nasdaq “MSFT” @microsoft) enables digital transformation for the era of an intelligent cloud and an intelligent edge. Its mission is to empower every person and every organization on the planet to achieve more.

Forward-Looking Statements

Statements in this news release are “forward-looking statements” based on current expectations and assumptions that are subject to risks and uncertainties. Actual results could differ materially because of factors described above as well as:

  • intense competition in all of our markets that may lead to lower revenue or operating margins;
  • increasing focus on cloud-based services presenting execution and competitive risks;
  • significant investments in products and services that may not achieve expected returns;
  • acquisitions, joint ventures, and strategic alliances that may have an adverse effect on our business;
  • impairment of goodwill or amortizable intangible assets causing a significant charge to earnings;
  • cyberattacks and security vulnerabilities that could lead to reduced revenue, increased costs, liability claims, or harm to our reputation or competitive position;
  • disclosure and misuse of personal data that could cause liability and harm to our reputation;
  • the possibility that we may not be able to protect information stored in our products and services from use by others;
  • abuse of our advertising or social platforms that may harm our reputation or user engagement;
  • the development of the internet of things presenting security, privacy, and execution risks;
  • issues about the use of artificial intelligence in our offerings that may result in competitive harm, legal liability, or reputational harm;
  • excessive outages, data losses, and disruptions of our online services if we fail to maintain an adequate operations infrastructure;
  • quality or supply problems;
  • the possibility that we may fail to protect our source code;
  • legal changes, our evolving business model, piracy, and other factors may decrease the value of our intellectual property;
  • claims that Microsoft has infringed the intellectual property rights of others;
  • claims against us that may result in adverse outcomes in legal disputes;
  • government litigation and regulatory activity relating to competition rules that may limit how we design and market our products;
  • potential liability under trade protection, anti-corruption, and other laws resulting from our global operations;
  • laws and regulations relating to the handling of personal data that may impede the adoption of our services or result in increased costs, legal claims, fines, or reputational damage;
  • additional tax liabilities;
  • damage to our reputation or our brands that may harm our business and operating results;
  • exposure to increased economic and operational uncertainties from operating a global business, including the effects of foreign currency exchange;
  • uncertainties relating to our business with government customers;
  • adverse economic or market conditions that may harm our business;
  • catastrophic events or geopolitical conditions, such as the COVID-19 pandemic, that may disrupt our business; and
  • the dependence of our business on our ability to attract and retain talented employees.

For more information about risks and uncertainties associated with Microsoft’s business, please refer to the “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and “Risk Factors” sections of Microsoft’s SEC filings, including, but not limited to, its annual report on Form 10-K and quarterly reports on Form 10-Q that are incorporated by reference in the Prospectus forming a part of the Registration Statement, copies of which may be obtained by contacting Microsoft’s Investor Relations department at (800) 285-7772 or at Microsoft’s Investor Relations website at http://www.microsoft.com/en-us/investor.

Go to Original Article
Author: Microsoft News Center

FedEx and Microsoft join forces to transform commerce – Stories

Companies to collaborate to reinvent the end-to-end commerce experience globally; FedEx Surround announced today as first solution

MEMPHIS, Tenn., and REDMOND, Wash. — May 18, 2020 — FedEx Corp. (NYSE: FDX) and Microsoft Corp. (Nasdaq: MSFT) on Monday announced a new multiyear collaboration to help transform commerce by combining the global digital and logistics network of FedEx with the power of Microsoft’s intelligent cloud. Together, FedEx and Microsoft aim to create opportunities for their customers through multiple joint offerings powered by Azure and Dynamics 365 that will use data and analytics solutions to reinvent the most critical aspects of the commerce experience and enable businesses to better compete in today’s increasingly digital landscape.

“FedEx has been reimagining the supply chain since our first day of operation, and we are taking it to a new level with today’s announcement,” said Frederick W. Smith, chairman and CEO, FedEx. “Together with Microsoft, we will combine the immense power of technology with the vast scale of our infrastructure to help revolutionize commerce and create a network for what’s next for our customers.”

This new strategic alliance represents a long-term commitment between the companies to fuel innovation, collaborate on product development and share subject-matter expertise. Today, FedEx networks link more than 99% of the world’s gross domestic product across 220 countries and territories, and Microsoft Azure is trusted by more than 95% of Fortune 500 companies. By combining the breadth and scale of the FedEx network and the Microsoft cloud, businesses will have an unprecedented level of control and insight into the global movement of goods.

“Now more than ever, organizations are counting on an efficient and capable supply chain to remain competitive and open for business,” said Satya Nadella, CEO, Microsoft.  “Together with FedEx, we will apply the power of Azure, Dynamics 365 and their AI capabilities to this urgent need, building new commerce experiences that transform logistics for our mutual customers around the world.”

Announcing FedEx Surround — driving digital illumination of the physical world

FedEx Surround, the first solution resulting from the FedEx and Microsoft collaboration, allows any business to enhance visibility into its supply chain by leveraging data to provide near-real-time analytics into shipment tracking, which will drive more precise logistics and inventory management. While most carriers are reactive to global logistics dynamics with limited visibility options built into a package’s journey, FedEx Surround will provide near-real-time insights — down to the granular level of ZIP code, for example — to shine a digital light on the progress and movement of physical inventory.

The benefits offered by FedEx Surround will extend to any business with a supply chain and particularly those that depend on highly time-sensitive deliveries. For example, a hospital may urgently need a package to help save a life, or a part may need rapid transport to a manufacturing facility to avoid an operational shutdown. In each instance, the near-real-time data insights provided by FedEx Surround offer a significant advantage to not only the organizations using the platform but also the people they serve.

FedEx Surround can also collect multiple data points gathered through the enhanced scanning and proprietary IoT technology of FedEx and analyze them using Microsoft’s broad suite of AI, machine learning and analytics solutions. This will provide participating businesses with not only enhanced visibility of a package’s location during its journey, but also knowledge of global commerce conditions and external challenges in near-real-time, such as severe weather or natural disasters, mechanical delays, clearance issues, and incorrect addresses. This unprecedented level of data-driven insight will give FedEx Surround customers the opportunity to intervene early and act to avoid logistical slowdowns before they occur to reduce friction and costs. And with every package that ships, FedEx Surround will analyze past trends to identify future opportunities for streamlined shipping, creating a stronger and more resilient commercial ecosystem.

Information regarding FedEx Surround availability will be shared beginning this summer, and customer access will be rolled out in the months ahead.

FedEx and Microsoft expect to announce additional solutions as part of their collaboration in the coming months, which will leverage even more Microsoft technologies, including Dynamics 365. This includes reimagining commerce experiences for businesses to offer consumers more integrated ways to shop, and faster and more efficient deliveries.

Those interested in more details, including visual assets, should visit www.fedex.com/transform.

About FedEx Corp.

FedEx Corp. (NYSE: FDX) provides customers and businesses worldwide with a broad portfolio of transportation, e-commerce and business services. With annual revenues of $70 billion, the company offers integrated business solutions through operating companies competing collectively and managed collaboratively, under the respected FedEx brand. Consistently ranked among the world’s most admired and trusted employers, FedEx inspires its more than 475,000 team members to remain focused on safety, the highest ethical and professional standards and the needs of their customers and communities. To learn more about how FedEx connects people and possibilities around the world, please visit about.fedex.com.

About Microsoft

Microsoft (Nasdaq “MSFT” @microsoft) enables digital transformation for the era of an intelligent cloud and an intelligent edge. Its mission is to empower every person and every organization on the planet to achieve more.

For more information, press only:

Microsoft Media Relations, WE Communications for Microsoft, (425) 638-7777, [email protected]

FedEx Media Relations, (901) 434-8100, [email protected]

Note to editors: For more information, news and perspectives from Microsoft, please visit the Microsoft News Center at http://news.microsoft.com. Web links, telephone numbers and titles were correct at time of publication, but may have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at https://news.microsoft.com/microsoft-public-relations-contacts.

Forward-Looking Statements

Certain statements in this press release may be considered forward-looking statements, such as statements relating to FedEx and Microsoft managements’ views with respect to future events and financial performance. Forward-looking statements include those preceded by, followed by or that include the words “will,” “may,” “could,” “would,” “should,” “believes,” “expects,” “anticipates,” “plans,” “estimates,” “targets,” “projects,” “intends” or similar expressions. Such forward-looking statements are subject to risks, uncertainties and other factors which could cause actual results to differ materially from historical experience or from future results expressed or implied by such forward-looking statements. Potential risks and uncertainties include, but are not limited to, the rate of future e-commerce growth and our ability to successfully compete in the e-commerce market, our ability to successfully introduce e-commerce solutions in the expected time frame, customer acceptance of the FedEx Surround platform and other factors which can be found in FedEx Corp.’s and Microsoft’s respective press releases and filings with the Securities and Exchange Commission. Any forward-looking statement speaks only as of the date on which it is made. FedEx and Microsoft do not undertake or assume any obligation to update or revise any forward-looking statement, whether as a result of new information, future events or otherwise.

Go to Original Article
Author: Microsoft News Center

Microsoft announces pricing terms for its exchange offers and increases the New 2060 Notes Issue Cap – Stories

REDMOND, Wash. — May 14, 2020 — Microsoft Corp. (NASDAQ: MSFT) (“Microsoft”) announced today the pricing terms with respect to its offers to (i) exchange (the “Pool 1 Offer”) the ten series of notes described in the table below (collectively, the “Pool 1 Notes”) for a new series of Microsoft’s 2.525% notes due June 1, 2050 (the “New 2050 Notes”) and a cash payment, as applicable. For each $1,000 principal amount of Pool 1 Notes validly tendered and not validly withdrawn prior to 11:59 p.m., New York City time, on May 28, 2020 (the “Expiration Time”) and accepted by Microsoft, the following table sets forth the yield, the total exchange consideration, the principal amount of the New 2050 Notes and the amount of the cash payment, as applicable:

Pool 1 Table(1)
Title of
Security
CUSIP
Number
Acceptance Priority Level Reference
UST Security(2)
Fixed
Spread
(basis
points)
Yield(3) Early
Exchange
Premium(4)
Total
Exchange
Consideration
(4)(5)
Principal
Amount
of New
Notes(6)
Cash Payment(4)
4.875% Notes due 2043

594918AX2

1 30-year +110 2.375% $30 $1,441.62 $1,000.00 $441.62
5.300% Notes due 2041

594918AM6

2 30-year +105 2.325% $30 $1,486.31 $1,000.00 $486.31
4.450% Notes due 2045

594918BL7

3 30-year +110 2.375% $30 $1,388.59 $1,000.00 $388.59
4.250% Notes due 2047

594918CA0 4 30-year +110 2.375% $30 $1,363.95 $1,000.00 $363.95
5.200% Notes due 2039

594918AD6 5 30-year +95 2.225% $30 $1,458.92 $1,000.00 $458.92
4.500% Notes due 2040

594918AJ3 6 30-year +100 2.275% $30 $1,360.57 $1,000.00 $360.57
3.750% Notes due 2043

594918AU8

7 30-year +110 2.375% $30 $1,237.91 $1,000.00 $237.91
3.750% Notes due 2045

594918BD5

8 30-year +110 2.375% $30 $1,251.94 $1,000.00 $251.94
4.100% Notes due 2037

594918BZ6 9 30-year +87 2.145% $30 $1,266.05 $1,000.00 $266.05
4.200% Notes due 2035 594918BK9 10 30-year +75 2.025% $30 $1,278.89 $1,000.00 $278.89
  1. The figures in this table assume a settlement date of June 1, 2020.
  2. The “30-year Reference UST Security” refers to the 2.375% U.S. Treasury Notes due November 15, 2049.
  3. Reflects the bid-side yield of the 30-year Reference UST Security as of the pricing time of 1.275% plus the applicable Fixed Spread, calculated in accordance with the procedures set forth in the Prospectus.
  4. Per $1,000 principal amount of Pool 1 Notes.
  5. Holders who validly tender Pool 1 Notes after 5:00 p.m., New York City time, on May 13, 2020 (the “Early Exchange Time”) will not be eligible to receive the Early Exchange Premium of $30 principal amount of the New 2050 Notes for each $1,000 principal amount of Pool 1 Notes validly tendered and not withdrawn. For the avoidance of doubt, the $30 per $1,000 Early Exchange Premium is included within the total exchange consideration and is not in addition to the total exchange c
  6. Does not reflect any accrued and unpaid interest. The Company will pay accrued and unpaid interest on the Existing Notes up to, but not including, the settlement date.

and (ii) exchange (the “Pool 2 Offer” and, together with the Pool 1 Offer, the “Exchange Offers”) the four series of notes described in the table below (collectively, the “Pool 2 Notes” and, together with the Pool 1 Notes, the “Existing Notes”) for a new series of Microsoft 2.675% notes due June 1, 2060 (the “New 2060 Notes” and, together with the New 2050 Notes, the “New Notes”) and a cash payment, as applicable. For each $1,000 principal amount of Pool 2 Notes validly tendered and not validly withdrawn prior to the Expiration Time and accepted by Microsoft, the following table sets forth the yield, the total exchange consideration, the principal amount of the New 2060 Notes and the amount of the cash payment, as applicable:

Pool 2 Table(1)
Title of
Security
CUSIP
Number
Acceptance Priority Level Reference
UST Security(2)
Fixed
Spread
(basis
points)
Yield(3) Early
Exchange
Premium(4)
Total
Exchange
Consideration
(4)(5)
Principal
Amount
of New
Notes(6)
Cash Payment(4)
4.750% Notes due 2055

594918BM5 1 30-year +125 2.525% $30 $1,514.30 $1,138.86 $375.44
4.000% Notes due 2055

594918BE3 2 30-year +125 2.525% $30 $1,336.46 $1,000.00 $336.46
4.500% Notes due 2057

594918CB8 3 30-year +125 2.525% $30 $1,466.62 $1,107.32 $359.30
3.950% Notes due 2056 594918BU7 4 30-year +125 2.525% $30 $1,333.83 $1,000.00 $333.83
  1. The figures in this table reflect any optional adjustments of the total exchange consideration as permitted under the terms and conditions in the Prospectus forming part of the Registration Statement and assume a settlement date of June 1, 2020.
  2. The “30-year Reference UST Security” refers to the 2.375% U.S. Treasury Notes due November 15, 2049.
  3. Reflects the buy-side yield of the 30-year Reference UST Security as of the pricing time of 1.275% plus the applicable Fixed Spread, calculated in accordance with the procedures set forth in the Prospectus.
  4. Per $1,000 principal amount of Pool 2 Notes.
  5. Holders who validly tender Pool 2 Notes after the Early Exchange Time will not be eligible to receive the Early Exchange Premium of $30 principal amount of the New 2060 Notes for each $1,000 principal amount of Pool 2 Notes validly tendered and not withdrawn. For the avoidance of doubt, the $30 per $1,000 Early Exchange Premium is included within the total exchange consideration and is not in addition to the total exchange c
  6. Does not reflect any accrued and unpaid interest. The Company will pay accrued and unpaid interest on the Existing Notes up to, but not including, the settlement date.

The aggregate principal amount of Pool 1 Notes and Pool 2 Notes of each series that are accepted for exchange will be based on the order of acceptance priority for such series, as applicable, as set forth in the tables above, up to $6,250,000,000 aggregate principal amount (the “New 2050 Notes Issue Cap”) and up to $3,750,000,000 aggregate principal amount (the “New 2060 Notes Issue Cap,” increased from $3,000,000,000), respectively. Holders who validly tender the Existing Notes after the Early Exchange Time but on or before the Expiration Time will only be eligible to receive the Exchange Consideration, which equals the Total Exchange Consideration minus the Early Exchange Premium as detailed in the tables above.

As permitted under the terms and conditions in the Registration Statement (as defined below), the Company has elected to increase the Cash Payment Percent of Premium on the 4.750% Notes due 2055 from 70% to 73%, the 4.500% Notes due 2057 from 70% to 77%, and the 3.950% Notes due 2056 from 90% to 100%. These changes are reflected in the Cash Payment amounts shown in the tables above.

In addition to the principal amount of New Notes and applicable cash payment specified in the tables above, holders with Existing Notes that are accepted for exchange will receive a cash payment representing (i) all or a portion of the accrued and unpaid interest to, but not including, the settlement date, and (ii) amounts due in lieu of any fractional amounts of New Notes, in each case, as described in the Prospectus.

A Registration Statement on Form S-4, including a prospectus (the “Prospectus”), which is subject to change, relating to the New Notes has been filed with the Securities and Exchange Commission (the “SEC”) on April 30, 2020 (the “Registration Statement”) but has not yet become effective. The New Notes may not be sold nor may offers to buy be accepted prior to the time the Registration Statement becomes effective. If and when issued, the New Notes will be registered under the Securities Act of 1933, as amended. This news release does not constitute an offer or a solicitation by Microsoft of an offer to buy, nor shall there be any sale of securities in any state in which such offer or solicitation or sale would be unlawful prior to registration or qualification under the securities laws of any such state.

Consummation of the Exchange Offers is subject to a number of conditions as set forth in the Prospectus included in the Registration Statement, including, among other things, the Registration Statement of which the Prospectus forms a part having been declared effective by the SEC and remaining effective on the settlement date.

The Exchange Offers are made only by and pursuant to the terms and subject to the conditions set forth in the Prospectus, which forms a part of the Registration Statement after it is declared effective by the SEC, and the information in this news release is qualified by reference to such Prospectus and the Registration Statement. None of Microsoft, the dealer managers, or the information agent and exchange agent makes any recommendations as to whether holders should tender their Existing Notes pursuant to the Exchange Offers. Holders must make their own decisions as to whether to tender Existing Notes and, if so, the principal amount of Existing Notes to tender.

Copies of the Prospectus pursuant to which the Exchange Offers are being made, may be obtained from D.F. King & Co., Inc., the information agent and exchange agent for the Exchange Offers, at 212-269-5552 (to exchange), at 800-431-9645 (for information U.S. Toll-free), at 212-269-5550 (information for brokers), at www.dfking.com/microsoft, or at [email protected].  Questions regarding the terms and conditions of the Exchange Offers should be directed to the following joint lead dealer managers:

  BofA Securities

620 South Tryon Street, 20th Floor

Charlotte, NC 28255

Toll Free: (888) 292-0070

Collect: (980) 387-3907

Attn: Liability Management Group

    Deutsche Bank Securities Inc.

60 Wall Street

New York, NY 10005

Toll Free: (866) 627-0391

Collect: (212) 250-2955

Attn: Liability Management Group

In order to participate in any Exchange Offer, holders of the Existing Notes located or resident in Canada are required to complete, sign and submit to the exchange agent a Canadian Eligibility Form, which may be obtained from D.F. King & Co., Inc. contacts above, to confirm they satisfy applicable Canadian eligibility requirements and to provide certain additional information.

Any holder of the Existing Notes located in any Member State of the European Economic Area or in the United Kingdom that is a retain investor will not be able to participate in the Exchange Offers. For these purposes, a retain investor means a person who is one or more of the following: (i) a retail client as defined in point (11) of Article 4(1) of the EU Directive on Markets in Financial Instruments (2014/65/EU) (as amended, “MiFID II”); or (ii) a customer within the meaning of Directive (EU) 2016/97, where that customer would not qualify as a professional client as defined in point (10) of Article (4)(1) of MiFID II.

About Microsoft

Microsoft (Nasdaq “MSFT” @microsoft) enables digital transformation for the era of an intelligent cloud and an intelligent edge. Its mission is to empower every person and every organization on the planet to achieve more.

Forward-Looking Statements

Statements in this news release are “forward-looking statements” based on current expectations and assumptions that are subject to risks and uncertainties. Actual results could differ materially because of factors described above as well as:

  • intense competition in all of our markets that may lead to lower revenue or operating margins;
  • increasing focus on cloud-based services presenting execution and competitive risks;
  • significant investments in products and services that may not achieve expected returns;
  • acquisitions, joint ventures, and strategic alliances that may have an adverse effect on our business;
  • impairment of goodwill or amortizable intangible assets causing a significant charge to earnings;
  • cyberattacks and security vulnerabilities that could lead to reduced revenue, increased costs, liability claims, or harm to our reputation or competitive position;
  • disclosure and misuse of personal data that could cause liability and harm to our reputation;
  • the possibility that we may not be able to protect information stored in our products and services from use by others;
  • abuse of our advertising or social platforms that may harm our reputation or user engagement;
  • the development of the internet of things presenting security, privacy, and execution risks;
  • issues about the use of artificial intelligence in our offerings that may result in competitive harm, legal liability, or reputational harm;
  • excessive outages, data losses, and disruptions of our online services if we fail to maintain an adequate operations infrastructure;
  • quality or supply problems;
  • the possibility that we may fail to protect our source code;
  • legal changes, our evolving business model, piracy, and other factors may decrease the value of our intellectual property;
  • claims that Microsoft has infringed the intellectual property rights of others;
  • claims against us that may result in adverse outcomes in legal disputes;
  • government litigation and regulatory activity relating to competition rules that may limit how we design and market our products;
  • potential liability under trade protection, anti-corruption, and other laws resulting from our global operations;
  • laws and regulations relating to the handling of personal data that may impede the adoption of our services or result in increased costs, legal claims, fines, or reputational damage;
  • additional tax liabilities;
  • damage to our reputation or our brands that may harm our business and operating results;
  • exposure to increased economic and operational uncertainties from operating a global business, including the effects of foreign currency exchange;
  • uncertainties relating to our business with government customers;
  • adverse economic or market conditions that may harm our business;
  • catastrophic events or geopolitical conditions, such as the COVID-19 pandemic, that may disrupt our business; and
  • the dependence of our business on our ability to attract and retain talented employees.

For more information about risks and uncertainties associated with Microsoft’s business, please refer to the “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and “Risk Factors” sections of Microsoft’s SEC filings, including, but not limited to, its annual report on Form 10-K and quarterly reports on Form 10-Q that are incorporated by reference in the Prospectus forming a part of the Registration Statement, copies of which may be obtained by contacting Microsoft’s Investor Relations department at (800) 285-7772 or at Microsoft’s Investor Relations website at http://www.microsoft.com/en-us/investor.

Go to Original Article
Author: Microsoft News Center

Maze ransomware gang pledges to stop attacking hospitals

The notorious Maze ransomware gang announced Wednesday that it will not attack any healthcare organizations during the COVID-19 pandemic.

The pandemic has put a strain hospitals and public health agencies in recent weeks as governments across the globe struggle to contain the spread of COVID-19, also known as the new coronavirus. Some security vendors have expressed concern that coronavirus-related threats could soon include ransomware attacks, which would have a crippling effect on healthcare and government organizations working on treatment and containment of the virus.

But at least one cybercrime outfit is pledging to refrain from such attacks, at least on healthcare organizations. The Maze ransomware gang, which last year began “shaming” victims by exfiltrating and publishing organizations’ sensitive data, promised to ” stop all activity versus all kinds of medical organizations until the stabilization of the situation with virus,” according to an announcement on its website.

BleepingComputer, which first reported the announcement, also contacted other ransomware operators about stopping attacks on healthcare and medical organizations during the pandemic. The DoppelPaymer gang also pledged to stop such attacks, though other ransomware groups such as Ryuk and Sodinokibi/REvil did not respond to Bleeping Computer’s queries.

The Maze gang’s pledge, however, says nothing about attacks on city, state or local governments or public health agencies. The Maze gang also said it will “help commercial organizations as much as possible” during the pandemic by offering “exclusive discounts” on ransoms to both current and future ransomware victims; the cybercriminals said they will provide decryptors and deleted any data published on its website.

A screenshot of the Maze ransomware gang's announcement that it will not attack healthcare organizations during the coronavirus pandemic.
A screenshot of the Maze ransomware gang’s announcement that it will not attack healthcare organizations during the coronavirus pandemic.

Despite the promises of the DoppelPaymer and Maze ransomware gangs, it’s unclear how much control they have over what organizations are attacked. Many outfits use a ransomware-as-a-service model where they develop the malicious code and then sell it to other cybercriminals, which are often called affiliates.

These affiliates then conduct the actual intrusions, data exfiltration and ransomware deployment and pay the authors. Many ransomware incidents are initiated through phishing emails and brute-force attacks on remote desktop protocol instances; threat researchers have said it’s likely that ransomware actors aren’t specifically targeting organizations by name or industry and are merely capitalizing on the most vulnerable networks.

Go to Original Article
Author:

How Genesys is personalizing the customer experience with Engage, Azure and AI | Transform

Microsoft and Genesys, a global provider of contact center software, recently announced a partnership to enable enterprises to run Genesys’ omnichannel customer experience solution, Genesys Engage, on Microsoft Azure. According to the two companies, this combination will provide a secure cloud environment to help companies more easily leverage AI to address customer needs on any channel.

Headquartered in Daly City, California, Genesys has more than 5,000 employees in nearly 60 offices worldwide. Every year, the company supports more than 70 billion customer experiences for organizations like Coca-Cola Business Services North America, eBay, Heineken, Lenovo, PayPal, BOSCH, Quicken and more.

Transform spoke with Barry O’Sullivan, executive vice president and general manager of Multicloud Solutions for Genesys, to explore how technology is reinventing the customer service experience.

TRANSFORM: How are technologies like artificial intelligence (AI), machine learning and cloud transforming the customer service sector?

O’SULLIVAN: It’s broader than customer service. It’s the entire customer experience, which encompasses any point at which businesses engage with consumers, whether it’s in a marketing, sales or service context. What cloud, AI and machine learning enable is the ability to make every experience unique to each individual. Every consumer wants to feel like they’re the only customer that matters during each interaction with a brand. These technologies allow organizations to understand what customers are doing, predict what they will need next and then deliver it in real time.

Traditionally, companies haven’t been able to do that well, because it’s hard to get a fix on a consumer as they move between channels. Maybe they come to a physical store one day, then call the next day or engage via web chat. These technologies allow brands to stitch together every customer interaction, and then use the resulting data to personalize the experience.

TRANSFORM: Can you talk a little bit more about that customer journey and what customers will experience going forward?

O’SULLIVAN: Let’s use contacting the cable company to get internet service as an example. You check out their website, but maybe you get stuck and use web chat to interact with a customer service representative. Today’s technologies allow businesses to connect the dots to better understand the customer.

Before these technologies were available, interactions were disconnected, and important customer details and context didn’t move from one department or agent to the next. We all know what that’s like – just think about a customer service experience when you had to repeat your name and birthdate every time you were passed to a new agent.

Today’s technology can tie together a customer’s details, like their favored communication channel, past purchases, prior service requests and more, so the business really knows them. Then, using AI, it can match that customer with the contact center agent who has the best chance of successfully resolving the issue and achieving a specific business outcome, such as making a related sale.

TRANSFORM: All of those kinds of experiences seem to be present in some form today. Is there a change coming that’s going to take the consumer experience to the next level?

O’SULLIVAN: Personalized service is not a new concept, but very few businesses get it right. Today, it’s about so much more than targeting personas or market segments.

It’s really about enabling organizations to link together their customers’ and employees’ experiences to deliver truly memorable, one-of-a-kind interactions. When it’s done right, organizations already know who the customer is, what he or she wants and the best way to deliver it.

That means understanding customers so well that businesses know the best times to contact them, on which channel and even the best days for an appointment. It’s no longer one-size-fits-all service – it’s tailor-made customer care for each consumer.

TRANSFORM: Are your own customers ready to adopt the technologies to enable this kind of new experience?

O’SULLIVAN: When it comes to cloud, it’s not a question of if, but when and how. And that’s one of the reasons the announcement between Genesys and Microsoft is so exciting. We have a lot of customers, especially large enterprises, who love Genesys and love Azure and really want to see that combination come together. So, giving them that option and that choice is really going to accelerate the migration to cloud.

In terms of adopting AI and machine learning, many companies are in the early phases, but recognize the enormous potential of the technology. What makes AI truly compelling in the customer experience market is its ability to unlock data. Increasingly, businesses use digital channels, like web chat and text, to communicate with consumers, which combined with traditional voice interactions has resulted in copious amounts of data being produced daily. The key for organizations is figuring out how to harness and leverage it to more fully understand customers, their experiences and behaviors, as well as the needs of human agents. That’s where Genesys comes in.

TRANSFORM: How would you describe your experience working with Microsoft?

O’SULLIVAN: It’s a great partnership because we’ve got a common view of the customer and a very aligned vision on cloud. It’s all about delivering agility and innovation quickly and reliably to our joint customers. So, it really helps when we’re both all in on the cloud, all in on customer experience.

Our customers are really excited about this combination of Genesys and Azure. They can simplify their maintenance, reduce costs and streamline the buying process. We believe in the advantages of moving to cloud, and obviously Azure is a leader there.

Go to Original Article
Author: Microsoft News Center

Microsoft announces it will be carbon negative by 2030 – Stories

REDMOND, Wash. — Jan. 16, 2020 — Microsoft Corp. on Thursday announced an ambitious goal and a new plan to reduce and ultimately remove its carbon footprint. By 2030 Microsoft will be carbon negative, and by 2050 Microsoft will remove from the environment all the carbon the company has emitted either directly or by electrical consumption since it was founded in 1975.

At an event at its Redmond campus, Microsoft Chief Executive Officer Satya Nadella, President Brad Smith, Chief Financial Officer Amy Hood, and Chief Environmental Officer Lucas Joppa announced the company’s new goals and a detailed plan to become carbon negative.

“While the world will need to reach net zero, those of us who can afford to move faster and go further should do so. That’s why today we are announcing an ambitious goal and a new plan to reduce and ultimately remove Microsoft’s carbon footprint,” said Microsoft President Brad Smith. “By 2030 Microsoft will be carbon negative, and by 2050 Microsoft will remove from the environment all the carbon the company has emitted either directly or by electrical consumption since it was founded in 1975.”

The Official Microsoft Blog has more information about the company’s bold goal and detailed plan to remove its carbon footprint: https://blogs.microsoft.com/?p=52558785.

The company announced an aggressive program to cut carbon emissions by more than half by 2030, both for our direct emissions and for our entire supply and value chain. This includes driving down our own direct emissions and emissions related to the energy we use to near zero by the middle of this decade. It also announced a new initiative to use Microsoft technology to help our suppliers and customers around the world reduce their own carbon footprints and a new $1 billion climate innovation fund to accelerate the global development of carbon reduction, capture and removal technologies. Beginning next year, the company will also make carbon reduction an explicit aspect of our procurement processes for our supply chain. A new annual Environmental Sustainability Report will detail Microsoft’s carbon impact and reduction journey. And lastly, the company will use its voice and advocacy to support public policy that will accelerate carbon reduction and removal opportunities.

More information can be found at the Microsoft microsite: https://news.microsoft.com/climate.

Microsoft (Nasdaq “MSFT” @microsoft) enables digital transformation for the era of an intelligent cloud and an intelligent edge. Its mission is to empower every person and every organization on the planet to achieve more.

For more information, press only:

Microsoft Media Relations, WE Communications, (425) 638-7777, [email protected]

Note to editors: For more information, news and perspectives from Microsoft, please visit the Microsoft News Center at http://news.microsoft.com. Web links, telephone numbers and titles were correct at time of publication, but may have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at https://news.microsoft.com/microsoft-public-relations-contacts.

Go to Original Article
Author: Microsoft News Center

5/14: Hyper-V HyperClear Update

‎05-14-2019 12:54 PM

Four new speculative execution side channel vulnerabilities were announced today and affect a wide array of Intel processors. The list of affected processors includes Intel Xeon, Intel Core, and Intel Atom models. These vulnerabilities are referred to as CVE-2018-12126 Microarchitectural Store Buffer Data Sampling (MSBDS), CVE-2018-12130 Microarchitectural Fill Buffer Data Sampling (MFBDS), CVE-2018-12127 Microarchitectural Load Port Data Sampling (MLPDS), and CVE-2018-11091 Microarchitectural Data Sampling Uncacheable Memory (MDSUM). These vulnerabilities are like other Intel CPU vulnerabilities disclosed recently in that they can be leveraged for attacks across isolation boundaries. This includes intra-OS attacks as well as inter-VM attacks.

In a previous blog post, the Hyper-V hypervisor engineering team described our high-performing and comprehensive side channel vulnerability mitigation architecture, HyperClear. We originally designed HyperClear as a defense against the L1 Terminal Fault (a.k.a. Foreshadow) Intel side channel vulnerability. Fortunately for us and for our customers, HyperClear has proven to be an excellent foundation for mitigating this new set of side channel vulnerabilities. In fact, HyperClear required a relatively small set of updates to provide strong inter-VM and intra-OS protections for our customers. These updates have been deployed to Azure and are available in Windows Server 2016 and later supported releases of Windows and Windows Server. Just as before, the HyperClear mitigation allows for safe use of hyper-threading in a multi-tenant virtual machine hosting environment.

We have already shared the technical details of HyperClear and the set of required changes to mitigate this new set of hardware vulnerabilities with industry partners. However, we know that many of our customers are also interested to know how we’ve extended the Hyper-V HyperClear architecture to provide protections against these vulnerabilities.

As we described in the original HyperClear blog post, HyperClear relies on 3 main components to ensure strong inter-VM isolation:

  1. Core Scheduler
  2. Virtual-Processor Address Space Isolation
  3. Sensitive Data Scrubbing

As we extended HyperClear to mitigate these new vulnerabilities, the fundamental components of the architecture remained constant. However, there were two primary hypervisor changes required:

  1. Support for a new Intel processor feature called MbClear. Intel has been working to add support for MbClear by updating the CPU microcode for affected Intel hardware. The Hyper-V hypervisor uses this new feature to clear microarchitectural buffers when switching between virtual processors that belong to different virtual machines. This ensures that when a new virtual processor begins to execute, there is no data remaining in any microarchitectural buffers that belongs to a previously running virtual processor. Additionally, this new processor feature may be exposed to guest operating systems to implement intra-OS mitigations.
  2. Always-enabled sensitive data scrubbing. This ensures that the hypervisor never leaves sensitive data in hypervisor-owned memory when it returns to guest kernel-mode or guest user-mode. This prevents the hypervisor from being used as a gadget by guest user-mode. Without always-enabled sensitive data scrubbing, the concern would be that guest user-mode can deliberately trigger hypervisor entry and that the CPU may speculatively fill a microarchitectural buffer with secrets remaining in memory from a previous hypervisor entry triggered by guest kernel-mode or a different guest user-mode application. Always-enabled sensitive data scrubbing fully mitigates this concern. As a bonus, this change improves performance on many Intel processors because it enables the Hyper-V hypervisor to more efficiently mitigate other previously disclosed Intel side channel speculation vulnerabilities.

Overall, the Hyper-V HyperClear architecture has proven to be a readily extensible design providing strong isolation boundaries against a variety of speculative execution side channel attacks with negligible impact on performance.

Go to Original Article
Author: brucesherwin

How to Use Azure Arc for Hybrid Cloud Management and Security

Azure Arc is a new hybrid cloud management option announced by Microsoft in November of 2019. This article serves as a single point of reference for all things Azure Arc.

According to Microsoft’s CEO Satya Nadella, “Azure Arc really marks the beginning of this new era of hybrid computing where there is a control plane built for multi-cloud, multi-edge” (Microsoft Ignite 2019 Keynote at 14:40). That is a strong statement from one of the industry leaders in cloud computing, especially since hybrid cloud computing has already been around for a decade. Essentially Azure Arc allows organizations to use Azure’s management technologies (“control plane”) to centrally administer public cloud resources along with on-premises servers, virtual machines, and containers. Since Microsoft Azure already manages distributed resources at scale, Microsoft is empowering its users to utilize these same features for all of their hardware, including edge servers. All of Azure’s AI, automation, compliance and security best practices are now available to manage all of their distributed cloud resources, and their underlying infrastructure, which is known as “connected machines.” Additionally, several of Azure’s AI and data services can now be deployed on-premises and centrally managed through Azure Arc, enhancing local and offline management and offering greater data sovereignty. Again, this article will provide an overview of the Azure Arc technology and its key capabilities (currently in Public Preview) and will be updated over time.

Video Preview of Azure Arc

Contents

Getting Started with Azure Arc

Azure Services with Azure Arc

Azure Artificial Intelligence (AI) with Azure Arc

Azure Automation with Azure Arc

Azure Cost Management & Billing with Azure Arc

Azure Data Services with Azure Arc

Cloud Availability with Azure Arc

Azure Availability & Resiliency with Azure Arc

Azure Backup & Restore with Azure Arc

Azure Site Recovery & Geo-Replication with Azure Arc

Cloud Management with Azure Arc

Management Tools with Azure Arc

Managing Legacy Hardware with Azure Arc

Offline Management with Azure Arc

Always Up-To-Date Tools with Azure Arc

Cloud Security & Compliance with Azure Arc

Azure Key Vault with Azure Arc

Azure Monitor with Azure Arc

Azure Policy with Azure Arc

Azure Security Center with Azure Arc

Azure Advanced Threat Protection with Azure Arc

Azure Update Management with Azure Arc

Role-Based Access Control (RBAC) with Azure Arc

DevOps and Application Management with Azure Arc

Azure Kubernetes Service (AKS) & Kubernetes App Management with Azure Arc

Other DevOps Tools with Azure Arc

DevOps On-Premises with Azure Arc

Elastic Scalability & Rapid Deployment with Azure Arc

Hybrid Cloud Integration with Azure Arc

Azure Stack Hub with Azure Arc

Azure Stack Edge with Azure Arc

Azure Stack Hyperconverged Infrastructure (HCI) with Azure Arc

Managed Service Providers (MSPs) with Azure Arc

Azure Lighthouse Integration with Azure Arc

Third-Party Integration with Azure Arc

Amazon Web Services (AWS) Integration with Azure Arc

Google Cloud Platform (GCP) Integration with Azure Arc

IBM Kubernetes Service Integration with Azure Arc

Linux VM Integration with Azure Arc

VMware Cloud Solution Integration with Azure Arc

Getting Started with Azure Arc

The Azure Arc public preview was announced in November 2019 at the Microsoft Ignite conference to much fanfare. In its initial release, many fundamental Azure services are supported along with Azure Data Services. Over time, it is expected that a majority of Azure Services will be supported by Azure Arc.

To get started with Azure Arc, check out the following guides and documentation provided by Microsoft.

Additional information will be added once it is made available.

Azure Services with Azure Arc

One of the fundamental benefits of Azure Arc is the ability to bring Azure services to a customer’s own datacenter. In its initial release, Azure Arc includes services for AI, automation, availability, billing, data, DevOps, Kubernetes management, security, and compliance. Over time, additional Azure services will be available through Azure Arc.

Azure Artificial Intelligence (AI) with Azure Arc

Azure Arc leverages Microsoft Azure’s artificial intelligence (AI) services, to power some of its advanced decision-making abilities learned from managing millions of devices at scale. Since Azure AI is continually monitoring billions of endpoints, it is able to perform tasks that can only be achieved at scale, such as identifying an emerging malware attack. Azure AI improves security, compliance, scalability and more for all cloud resources managed by Azure Arc. The services which run Azure AI are hosted in Microsoft Azure, and in disconnected environments, much of the AI processing can run on local servers using Azure Stack Edge.

For more information about Azure AI visit https://azure.microsoft.com/en-us/overview/ai-platform.

Azure Automation with Azure Arc

Azure Automation is a service provided by Azure that automates repetitive tasks which can be time-consuming or error-prone. This saves the organization significant time and money while helping them maintain operational consistency. Custom automation scripts can get triggered by a schedule or an event to automate servicing, track changes, collect inventory and much more. Since Azure Automation uses PowerShell, Python, and graphical runbooks, it can manage diverse software and hardware that supports PowerShell or has APIs. With Azure Arc, any on-premises connected machines and the applications they host can be integrated and automated with any Azure Automation workflow. These workflows can also be run locally on disconnected machines.

For more information about Azure Automation visit https://azure.microsoft.com/en-in/services/automation.

Azure Cost Management & Billing with Azure Arc

Microsoft Azure and other cloud providers use a consumption-based billing model so that tenants only pay for the resources which they consume. Azure Cost Management and Billing provides granular information to understand how cloud storage, network, memory, CPUs and any Azure services are being used. Organizations can set thresholds and get alerts when any consumer or business unit approaches or exceeds their limits. With Azure Arc, organizations can use cloud billing to optimize and manage costs for their on-premises resources also. In addition to Microsoft Azure and Microsoft hybrid cloud workloads, all Amazon AWS spending can be integrated into the same dashboard.

For more information about Azure Cost Management and Billing visit https://azure.microsoft.com/en-us/services/cost-management.

Azure Data Services with Azure Arc

Azure Data Services is the first major service provided by Azure Arc for on-premises servers. This was the top request of many organizations which want the management capabilities of Microsoft Azure, yet need to keep their data on-premises for data sovereignty. This makes Azure Data Services accessible to companies that must keep their customer’s data onsite, such as those working within regulated industries or those which do not have an Azure datacenter within their country.

In the initial release, both Azure SQL Database and Azure Database for PostgreSQL Hyperscale will be available for on-premises deployments. Now organizations can run and offer database as a service (DBaaS) as a platform as a service (PaaS) offering to their tenants. This makes it easier for users to deploy and manage cloud databases on their own infrastructure, without the overhead of setting up and maintaining the infrastructure on a physical server or virtual machine. The Azure Data Services on Azure Arc still require an underlying Kubernetes cluster, but many management frameworks are supported by Microsoft Azure and Azure Arc.

All of the other Azure Arc benefits are included with the data services, such as automation, backup, monitoring, scaling, security, patching and cost management. Additionally, Azure Data Services can run on both connected and disconnected machines. The latest features and updates to the data services are automatically pushed down from Microsoft Azure to Azure Arc members so that the infrastructure is always current and consistent.

For more information about Azure Data Services with Azure Arc visit https://azure.microsoft.com/en-us/services/azure-arc/hybrid-data-services.

Cloud Availability with Azure Arc

One of the main advantages offered by Microsoft Azure is access to its unlimited hardware spread across multiple datacenters which provide business continuity. This gives Azure customers numerous ways to increase service availability, retain more backups, and gain disaster recovery capabilities. With the introduction of Azure Arc, these features provide even greater integration between on-premises servers and Microsoft Azure.

Azure Availability & Resiliency with Azure Arc

With Azure Arc, organizations can leverage Azure’s availability and resiliency features for their on-premises servers. Virtual Machine Scale Sets allow automatic application scaling by rapidly deploying dozens (or thousands) of VMs to quickly increase the processing capabilities of a cloud application. Integrated load-balancing will distribute network traffic, and redundancy is built into the infrastructure to eliminate single points of failure. VM Availability Sets give administrators the ability to select a group of related VMs and force them to distribute themselves across different physical servers. This is recommended for redundant servers or guest clusters where it is important to have each virtualized instanced spread out so that the loss of a single host will not take down an entire service. Azure Availability Zones extend this concept across multiple datacenters by letting organizations deploy datacenter-wide protection schemes that distribute applications and their data across multiple sites. Azure’s automated updating solutions are availability-aware so they will keep services online during a patching cycle, serially updating and rebooting a subset of hosts. Azure Arc helps hybrid cloud services take advantage of all of the Azure resiliency features.

For more information about Azure availability and resiliency visit https://azure.microsoft.com/en-us/features/resiliency.

Azure Backup & Restore with Azure Arc

Many organizations limit their backup plans because of their storage constraints since it can be costly to store large amounts of data which may not need to be accessed again. Azure Backup helps organizations by allowing their data to be backed up and stored on Microsoft Azure. This usually reduces costs as users are only paying for the storage capacity they are using. Additionally storing backups offsite helps minimize data loss as offsite backups provide resiliency to site-wide outages and can protect customers from ransomware. Azure Backup also offers compression, encryption and retention policies to help organizations in regulated industries. Azure Arc manages the backups and recovery of on-premises servers with Microsoft Azure, with the backups being stored in the customer’s own datacenter or in Microsoft Azure.

For more information about Azure Backup visit https://azure.microsoft.com/en-us/services/backup.

Azure Site Recovery & Geo-Replication with Azure Arc

One of the more popular hybrid cloud features enabled with Microsoft Azure is the ability to replicate data from an on-premises location to Microsoft Azure using Azure Site Recovery (ASR). This allows users to have a disaster recovery site without needing to have a second datacenter. ASR is easy to deploy, configure, operate and even tests disaster recovery plans. Using Azure Arc it is possible to set up geo-replication to move data and services from a managed datacenter running Windows Server Hyper-V, VMware vCenter or Amazon Web Services (AWS) public cloud. Destination datacenters can include other datacenters managed by Azure Arc, Microsoft Azure and Amazon AWS.

For more information about Azure Site Recovery visit https://azure.microsoft.com/en-us/services/site-recovery.

Cloud Management with Azure Arc

Azure Arc introduces some on-premises management benefits which were previously available only in Microsoft Azure. These help organizations administer legacy hardware and disconnected machines with Azure-consistent features using multiple management tools.

Management Tools with Azure Arc

One of the fundamental design concepts of Microsoft Azure is to have centralized management layers (“planes”) that support diverse hardware, data, and administrative tools. The fabric plane controls the hardware through a standard set of interfaces and APIs. The data plane allows unified management of structured and unstructured data. And the control plane offers centralized management through various interfaces, including the GUI-based Azure Portal, Azure PowerShell, and other APIs. Each of these layers interfaces with each other through a standard set of controls, so that the operational steps will be identical whether a user deploys a VM via the Azure Portal or via Azure PowerShell. Azure Arc can manage cloud resources with the following Azure Developer Tools:

At the time of this writing, the documentation for Azure Arc is not yet available, but some examples can be found in the quick start guides which are linked in the Getting Started with Azure Arc section.

Managing Legacy Hardware with Azure Arc

Azure Arc is hardware-agnostic, allowing Azure to manage a customer’s diverse or legacy hardware just like an Azure datacenter server. The hardware must meet certain requirements so that a virtualized Kubernetes cluster can be deployed on it, as Azure services run on this virtualized infrastructure. In the Public Preview, servers must be running Windows Server 2012 R2 (or newer) or Ubuntu 16.04 or 18.04. Over time, additional servers will be supported, with rumors of 32-bit (x86), Oracle and Linux hosts being supported as infrastructure servers.

Offline Management with Azure Arc

Azure Arc will even be able to manage servers that are not regularly connected to the Internet, as is common with the military, emergency services, and sea vessels. Azure Arc has a concept of “connected” and “disconnected” machines. Connected servers have an Azure Resource ID and are part of an Azure Resource group. If a server does not sync with Microsoft Azure every 5 minutes, it is considered disconnected yet it can continue to run its local resources. Microsoft Arc allows these organizations to use the latest Azure services when they are connected, yet still use many of these features if the servers do not maintain an active connection, including Azure Data Services. Even some services which run Azure AI and are hosted in Microsoft Azure can work disconnected environments while running on Azure Stack Edge.

Always Up-To-Date Tools with Azure Arc

One of the advantages of using Microsoft Azure is that all the services are kept current by Microsoft. The latest features, best practices, and AI learning are automatically available to all users in real-time as soon as they are released. When an admin logs into the Azure Portal through a web browser, they are immediately exposed to the latest technology to manage their distributed infrastructure. By ensuring that all users have the same management interface and APIs, Microsoft can guarantee consistency of behavior for all users across all hardware, including on-premises infrastructure when using Azure Arc. However, if the hardware is in a disconnected environment (such as on a sea vessel), there could be some configuration drift as older versions of Azure data services and Azure management tools may still be used until they are reconnected and synced.

Cloud Security & Compliance with Azure Arc

Public cloud services like Microsoft Azure are able to offer industry-leading security and compliance due to their scale and expertise. Microsoft employs more than 3,500 of the world’s leading security engineers who have been collaborating for decades to build the industry’s safest infrastructure. Through its billions of endpoints, Microsoft Azure leverages Azure AI to identify anomalies and detect threats before they become widespread. Azure Arc extends all of the security features offered in Microsoft Azure to on-premises infrastructure, including key vaults, monitoring, policies, security, threat protection, and update management.

Azure Key Vault with Azure Arc

When working in a distributed computing environment, managing credentials, passwords, and user access can become complicated. Azure Key Vault is a service that helps enhance data protection and compliance by securely protecting all keys and monitoring access. Azure Key Vault is supported by Azure Arc, allowing credentials for on-premises services and hybrid clouds to be centrally managed through Azure.

For more information about Azure Key Vault visit https://azure.microsoft.com/en-us/services/key-vault.

Azure Monitor with Azure Arc

Azure Monitor is a service that collects and analyzes telemetry data from Azure infrastructure, networks, and applications. The logs from managed services are sent to Azure Monitor where they are aggregated and analyzed. If a problem is identified, such as an offline server, it can trigger alerts or use Azure Automation to launch recovery workflows. Azure Arc can now monitor on-premises servers, networks, virtualization infrastructure, and applications, just like they were running in Azure. It even leverages Azure AI and Azure Automation to make recommendations and fixes to hybrid cloud infrastructure.

For more information about Azure Monitor visit https://azure.microsoft.com/en-us/services/monitor.

Azure Policy with Azure Arc

Most enterprises have certain compliance requirements for the IT infrastructure, especially those organizations within regulated industries. Azure Policy uses Microsoft Azure to audit an environment and aggregate all the compliance data into a single location. Administrators can get alerted about misconfigurations or configuration drifts and even trigger automated remediation using Azure Automation. Azure Policy can be used with Azure Arc to apply policies on all connect machines, providing the benefits of cloud compliance to on-premises infrastructure.

For more information about Azure Policy visit https://azure.microsoft.com/en-us/services/azure-policy.

Azure Security Center with Azure Arc

The Azure Security Center centralizes all security policies and protects the entire managed environment. When Security Center is enabled, the Azure monitoring agents will report data back from the servers, networks, virtual machines, databases, and applications. The Azure Security Center analytics engines will ingest the data and use AI to provide guidance. It will recommend a broad set of improvements to enhance security, such as closing unnecessary ports or encrypting disks. Perhaps most importantly it will scan all the managed servers and identify updates that are missing, and it can use Azure Automation and Azure Update Management to patch those vulnerabilities. Azure Arc extends these security features to connected machines and services to protect all registered resources.

For more information about Azure Security Center visit https://azure.microsoft.com/en-us/services/security-center

Azure Advanced Threat Protection with Azure Arc

Azure Advanced Threat Protection (ATP) helps the industry’s leading cloud security solution by looking for anomalies and potential attacks with Azure AI. Azure ATP will look for suspicious computer or user activities and report any alerts in real-time. Azure Arc lets organizations extend this cloud protect to their hybrid and on-premises infrastructure offering leading threat protection across all of their cloud resources.

For more information about Azure Advanced Threat Protection visit https://azure.microsoft.com/en-us/features/azure-advanced-threat-protection.

Azure Update Management with Azure Arc

Microsoft Azure automates the process of applying patches, updates and security hotfixes to the cloud resources it manages. With Update Management, a series of updates can be scheduled and deployed on non-compliant servers using Azure Automation. Update management is aware of clusters and availability sets, ensuring that a distributed workload remains online while its infrastructure is patched by live migrating running VMs or containers between hosts. Azure will centrally manage updates, assessment reports, deployment results, and can create alerts for failures or other conditions. Organizations can use Azure Arc to automatically analyze and patch their on-premises and connected servers, virtual machines, and applications.

For more information about Azure Update Management visit https://docs.microsoft.com/en-us/azure/automation/automation-update-management.

Role-Based Access Control (RBAC) with Azure Arc

Controlling access to different resources is a critical function for any organization to enforce security and compliance. Microsoft Azure Active Directory (Azure AD) allows its customers to define granular access control for every user or user role based on different types of permissions (read, modify, delete, copy, sharing, etc.). There are also over 70 user roles provided by Azure, such as a Global Administrator, Virtual Machine Contributor or Billing Administrator. Azure Arc lets businesses extend role-based access control (RBAC) managed by Azure to on-premises environments. This means that any groups, policies, settings, security principals and managed identities that were deployed by Azure AD can now access all managed cloud resources. Azure AD also provides auditing so it is easy to track any changes made by users or security principals across the hybrid cloud.

For more information about Role-Based Access Control visit https://docs.microsoft.com/en-us/azure/role-based-access-control/overview.

DevOps and Application Management with Azure Arc

Over the past few years, containers have become more commonplace as they provide certain advantages over VMs, allowing the virtualized applications and services to be abstracted from their underlying virtualized infrastructure. This means that containerized applications can be uniformly deployed anywhere with any tools so that users do not have to worry about the hardware configuration. This technology has become popular amongst application developers, enabling them to manage their entire application development lifecycle without having a dependency on the IT department to set up the physical or virtual infrastructure. This development methodology is often called DevOps. One of the key design requirements with Azure Arc was to make it hardware agnostic, so with Azure Arc, developers can manage their containerized applications the same way whether they are running in Azure, on-premises or in a hybrid configuration.

Azure Kubernetes Service (AKS) & Kubernetes App Management with Azure Arc

Kubernetes is a management tool that allows developers to deploy, manage and update their containers. Azure Kubernetes Service (AKS) is Microsoft’s Kubernetes service and this can be integrated with Azure Arc. This means that AKS can be used to manage on-premises servers running containers. In additional to Azure Kubernetes Service, Azure Arc can be integrated with other Kubernetes management platforms, including Amazon EKS, Google Kubernetes Engine, and IBM Kubernetes Service.

For more information about Azure Container Services visit https://azure.microsoft.com/en-us/product-categories/containers and for Azure Kubernetes Services (AKS) visit https://azure.microsoft.com/en-us/services/kubernetes-service.

Other DevOps Tools with Azure Arc

For container management on Azure Arc developers can use any of the common Kubernetes management platforms, including Azure Kubernetes Service, Amazon EKS, Google Kubernetes Engine, and IBM Kubernetes Service. All standard deployment and management operations are supported on Azure Arc hardware enabling cross-cloud management.

More information about the non-Azure management tools is provided on the section on Third-Party Management Tools.

DevOps On-Premises with Azure Arc

Many developers prefer to work on their own hardware and some are required to develop applications in a private environment to keep their data secure. Azure Arc allows developers to build and deploy their applications anywhere utilizing Azure’s cloud-based AI, security and other cloud features while retaining their data, IP or other valuable assets within their own private cloud. Additionally, Azure Active Directory can use role-based access control (RBAC) and Azure Policies to manage developer access to sensitive company resources.

Elastic Scalability & Rapid Deployment with Azure Arc

Containerized applications are designed to start quickly when running on a highly-available Kubernetes cluster. The app will bypass the underlying operating system, allowing it to be rapidly deployed and scaled. These applications can quickly grow to an unlimited capacity when deployed on Microsoft Azure. When using Azure Arc, the applications can be managed across public and private clouds. Applications will usually contain several containers types that can be deployed in different locations based on their requirements. A common deployment configuration for a two-tiered application is to deploy the web frontend on Microsoft Azure for scalability and the database in a secure private cloud backend.

Hybrid Cloud Integration with Azure Arc

Microsoft’s hybrid cloud initiatives over the past few years have included certifying on-premises software and hardware configurations known as Azure Stack. Azure Stack allows organizations to run Azure-like services on their own hardware in their datacenter. It allows organizations that may be restricted from using public cloud services to utilize the best parts of Azure within their own datacenter. Azure Stack is most commonly deployed by organizations that have requirements to keep their customer’s datacenter inhouse (or within their territory) for data sovereignty, making it popular for customers who could not adopt the Microsoft Azure public cloud. Azure Arc easily integrates with Azure Stack Hub, Azure Stack Edge, and all the Azure Stack HCI configurations, allowing these services to be managed from Azure.

For more information about Azure Stack visit https://azure.microsoft.com/en-us/overview/azure-stack.

Azure Stack Hub with Azure Arc

Azure Stack Hub (formerly Microsoft Azure Stack) offers organizations a way to run Azure services from their own datacenter, from a service provider’s site, or from within an isolated environment. This cloud platform allows users to deploy Windows VMs, Linux VMs and Kubernetes containers on hardware which they operate. This offering is popular with developers who want to run services locally, organizations which need to retain their customer’s data onsite, and groups which are regularly disconnected from the Internet, as is common with sea vessels or emergency response personnel. Azure Arc allows Azure Stack Hub nodes to run supported Azure services (like Azure Data Services) while being centrally managed and optimized via Azure. These applications can be distributed across public, private or hybrid clouds.

For more information about Azure Stack Hub visit https://docs.microsoft.com/en-us/azure-stack/user/?view=azs-1908.

Azure Stack Edge with Azure Arc

Azure Stack Edge (previously Azure Data Box Edge) is a virtual appliance which can run on any hardware in a datacenter, branch office, remote site or disconnected environment. It is designed to run edge computing workloads on Hyper-V VMs, VMware VMs, containers and Azure services. These edge servers will be optimized run IoT, AI and business workloads so that processing can happen onsite, rather than being sent across a network to a cloud datacenter for processing. When the Azure Stack Edge appliance is (re)connected to the network it transfers any data at high-speed, and data use can be optimized to run during off-hours. It supports machine learning capabilities through GPGA or GPU. Azure Arc can centrally manage Azure Stack Edge, its virtual appliances and physical hardware.

For more information about Azure Stack Edge visit https://azure.microsoft.com/en-us/services/databox/edge.

Azure Stack Hyperconverged Infrastructure (HCI) with Azure Arc

Azure Stack Hyperconverged Infrastructure (HCI) is a program which provides preconfigured hyperconverged hardware from validated OEM partners which are optimized to run Azure Stack. For businesses which want to run Azure-like services on-premises they can purchase or rent hardware which has been standardized to Microsoft’s requirements. VMs, containers, Azure services, AI, IOT and more can run consistency on the Microsoft Azure public cloud or Azure Stack HCI hardware in a datacenter. Cloud services can be distributed across multiple datacenters or clouds and centrally managed using Azure Arc.

For more information about Azure Stack HCI visit https://azure.microsoft.com/en-us/overview/azure-stack/hci.

Managed Service Providers (MSPs) with Azure Arc

Azure Lighthouse Integration with Azure Arc

Azure Lighthouse is a technology designed for managed service providers (MSPs), ISVs or distributed organizations which need to centrally manage their tenants’ resources. Azure Lighthouse allows service providers and tenants to create a two-way trust to allow unified management of cloud resources. Tenants will grant specific permissions for approved user roles on particular cloud resources, so that they can offload the management to their service provider. Now service providers can add their tenants’ private cloud environments under Azure Arc management, so that they can take advantage of the new capabilities which Azure Arc provides.

For more information about Azure Lighthouse visit https://azure.microsoft.com/en-us/services/azure-lighthouse or on the Altaro MSP Dojo.

Third-Party Integration with Azure Arc

Within the Azure management layer (control plane) exists Azure Resource Manager (ARM). ARM provides a way to easily create, manage, monitor and delete any Azure resource. Every native and third-party Azure resource uses ARM to ensure that it can be centrally managed through Azure management tools. Azure Arc now allows non-Azure resources to be managed by Azure. This can include third-party clouds (Amazon Web Services, Google Cloud Platform), Windows and Linux VMs, VMs on non-Microsoft hypervisors (VMware vSphere, Google Compute Engine, Amazon EC2), Kubernetes containers and clusters (including IMB Kubernetes Service, Google Kubernetes Engine and Amazon EKS). At the time of this writing limited information is available about third-party integration, but it will be added over time.

Amazon Web Services (AWS) Integration with Azure Arc

Amazon Web Services (AWS) is Amazon’s public cloud platform. Some services from AWS can be managed by Azure Arc. This includes operating virtual machines running on the Amazon Elastic Compute Cloud (EC2) and containers running on Amazon Elastic Kubernetes Service (EKS). Azure Arc also lets an AWS site be used as a geo-replicated disaster recovery location. AWS billing can also be integrated with Azure Cost Management & Billing so that expenses from both cloud providers can be viewed in a single location.

Additional information will be added once it is made available.

Google Cloud Platform (GCP) Integration with Azure Arc

Google Cloud Platform (GCP) is Google’s public cloud platform. Some services from GCP can be managed by Azure Arc. This includes operating virtual machines running on Google Compute Engine (GCE) and containers running on Google Kubernetes Engine (GKE).

Additional information will be added once it is made available.

IBM Kubernetes Service Integration with Azure Arc

IBM Cloud is IBM’s public cloud platform. Some services from IBM Cloud can be managed by Azure Arc. This includes operating containers running on IBM Kubernetes Service (Kube).

Additional information will be added once it is made available.

Linux VM Integration with Azure Arc

In 2014 Microsoft’s CEO Satya Nadella declared, “Microsoft loves Linux”. Since then the company has embraced Linux integration, making Linux a first-class citizen in its ecosystem. Microsoft even contributes code to the Linux kernel so that it operates efficiently when running as a VM or container on Microsoft’s operating systems. Virtually all management features for Windows VMs are available to supported Linux distributions, and this extends to Azure Arc. Azure Arc admins can use Azure to centrally create, manage and optimize Linux VMs running on-premises, just like any standard Windows VM.

VMware Cloud Solution Integration with Azure Arc

VMware offers a popular virtualization platform and management studio (vSphere) which runs on VMware’s hypervisor. Microsoft has acknowledged that many customers are running legacy on-premises hardware are using VMware, so they provide numerous integration points to Azure and Azure Arc. Organizations can even virtualize and deploy their entire VMware infrastructure on Azure, rather than in their own datacenter. Microsoft makes it easy to deploy, manage, monitor and migrate VMware system and with Azure Arc businesses can now centrally operate their on-premises VMware infrastructure too. While the full management functionality of VMware vSphere is not available through Azure Arc, most standard operations are supported.

For more information about VMware Management with Azure visit https://azure.microsoft.com/en-us/overview/azure-vmware.


Go to Original Article
Author: Symon Perriman