Adding Windows Server 2022 to Azure Arc Services #AzureHybrid #HybridIT #Azure

https://ift.tt/VTQ3WBe

Azure Arc Enabled Server

With the Microsoft Azure Arc Machine agent you can connect your Windows Server 2022 to Microsoft Azure Arc Services.
Microsoft Azure Arc-enabled servers let you manage Windows and Linux physical servers and virtual machines hosted outside of Azure, on your corporate network, or at another cloud provider. In October 2023 Microsoft released the setup of the Azure Arc Machine agent via Windows Update Center. In the following steps I will install Azure Arc via the Windows Server Manager:

Click on Disabled

Click on Next

Azure Connected Machine Agent is installing.

Click on Configure

Click on Next

Sign into your Azure Subscription

Click on Next

Select your Azure Active Directory Tenant.
Select Subscription
Select the Resource Group
Select the Azure Region
Select Network Connectivity.
Click on Next

You're done; your Windows Server is now connected to Azure Arc.
Click on Finish

Here is our Azure Arc enabled Windows Server 2022 in the Microsoft Azure Portal.

From here you have all the Azure Arc Services available for your on-prem Server.

When you connect your machine to Azure Arc-enabled servers, you can perform many operational functions, just as you would with native Azure virtual machines. Below are some of the key supported actions for connected machines.

  • Govern:
  • Protect:
    • Protect non-Azure servers with Microsoft Defender for Endpoint, included through Microsoft Defender for Cloud, for threat detection, for vulnerability management, and to proactively monitor for potential security threats. Microsoft Defender for Cloud presents the alerts and remediation suggestions from the threats detected.
    • Use Microsoft Sentinel to collect security-related events and correlate them with other data sources.
  • Configure:
  • Monitor:
    • Monitor operating system performance and discover application components to monitor processes and dependencies with other resources using VM insights.
    • Collect other log data, such as performance data and events, from the operating system or workloads running on the machine with the Log Analytics agent. This data is stored in a Log Analytics workspace.

Installing manually is handy for a couple of servers, but when you have to onboard more, you can generate a script for installation on multiple servers:

From the Azure Portal
Click on Generate Script

Here you can generate a Basic script, a script for Configuration Manager, a script for Group Policy, or one for deployment via Ansible.

Important:

Before you begin making your Windows Server Azure Hybrid with the Arc Connected Machine Agent, you have to think about Security by Design. With Identity Access Management (IAM) you can manage who gets access to your Arc-enabled servers.
Who may use Windows Admin Center in the Azure portal, for example?

Access Control on Azure Arc enabled Server.
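
One way to review that access question before onboarding, as an added example that is not part of the original post: the function below classifies role assignments in the shape returned by Get-AzRoleAssignment (Az.Resources module). The scope, principal names and sample assignments are constructed, and the choice of which roles to flag is an assumption to adapt to your own policy.

```powershell
# Added example: review who can reach Arc-enabled servers at a given scope.
# Input objects use the property names of Get-AzRoleAssignment output.

# Broad built-in roles that also apply to every Arc server in scope (assumed review list).
$BroadRoles = 'Owner', 'Contributor', 'User Access Administrator'

# Narrow built-in roles that exist specifically for Arc-enabled servers.
$ArcRoles = @{
    'Azure Connected Machine Onboarding'             = 'Can onboard machines'
    'Azure Connected Machine Resource Administrator' = 'Can read, write and delete Arc machines'
    'Windows Admin Center Administrator Login'       = 'Can manage the OS via Windows Admin Center'
}

function Get-ArcAccessFinding {
    param(
        [Parameter(Mandatory, ValueFromPipeline)] $Assignment,
        [Parameter(Mandatory)] [string] $ArcScope
    )
    process {
        $role = $Assignment.RoleDefinitionName
        $isBroad = $BroadRoles -contains $role
        # Skip roles that are neither broad nor Arc-specific.
        if (-not $isBroad -and $ArcRoles.Keys -notcontains $role) { return }
        [pscustomobject]@{
            Principal = $Assignment.DisplayName
            Type      = $Assignment.ObjectType
            Role      = $role
            # True when the assignment was made above the Arc resource group.
            Inherited = $Assignment.Scope -ne $ArcScope
            Finding   = if ($isBroad) { 'REVIEW: broad role, not Arc-specific' } else { $ArcRoles[$role] }
        }
    }
}

# Constructed sample data (placeholder subscription id, hypothetical principals).
$sub   = '/subscriptions/00000000-0000-0000-0000-000000000000'
$scope = "$sub/resourceGroups/rg-arc-servers"
$sample = @(
    [pscustomobject]@{ DisplayName = 'svc-arc-onboard'; ObjectType = 'ServicePrincipal'; RoleDefinitionName = 'Azure Connected Machine Onboarding'; Scope = $scope }
    [pscustomobject]@{ DisplayName = 'Server Admins'; ObjectType = 'Group'; RoleDefinitionName = 'Windows Admin Center Administrator Login'; Scope = $scope }
    [pscustomobject]@{ DisplayName = 'Helpdesk'; ObjectType = 'Group'; RoleDefinitionName = 'Contributor'; Scope = $sub }
    [pscustomobject]@{ DisplayName = 'Auditors'; ObjectType = 'Group'; RoleDefinitionName = 'Reader'; Scope = $sub }
)

$sample | Get-ArcAccessFinding -ArcScope $scope | Format-Table -AutoSize

# Against a real subscription (requires Connect-AzAccount):
# Get-AzRoleAssignment -Scope $scope | Get-ArcAccessFinding -ArcScope $scope
```

Assignments flagged as inherited were granted at the subscription or management-group level, so they are the ones most likely to give access to Arc servers unintentionally.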

With Microsoft Azure Policy you can set the governance and policies for your organization. There are a lot of pre-defined policies, but you can also create your own Azure policies for your Arc-enabled servers.

Conclusion

Making your datacenter(s) securely hybrid with Microsoft Azure Arc Services is easy to do and gives you a lot of Azure Hybrid benefits.
Start with your test environment and build your own Azure Arc-enabled solutions, and when the experience is good you can do it in production 😉

 Here you find more about Azure Arc enabled Services:


via Cloud and Datacenter Management Blog https://ift.tt/Q1nL7Vq

December 12, 2023 at 05:28PM
James van den Berg