Woman sits on couch with laptop and looks out window



A Foreword by Frank X. Shaw

Once again at Microsoft Ignite, we have a book’s worth of news about Microsoft Azure, Security, Microsoft 365, Power Platform and more.

This Book of News arrives in a different season but, as always, it is still your guide to all the announcements we’re making, with all the detail you’ve come to expect. Our standing goal is to make it easy for you to navigate all the latest information and get key details on the topics you care about.

At this virtual event, we’ll welcome more than 100,000 global attendees including IT implementers and decision-makers, developers, data professionals, security professionals and people from various industries to experience the latest technology — and get a peek at what’s coming.

We’re always focused on the evolving needs of our customers and our news is reflective of that. As we have seen over the past year, businesses are accelerating the digitization of every part of their organizations. We’ve witnessed technology help with curbside ordering and pickup, telehealth, remote manufacturing, and empowering new ways of working from home or even presentations like we’re doing at Ignite — and these capabilities have relied on the public cloud, which is built on the investments that we and others have made over time. So much around us is changing, but we’re glad to be able to share Microsoft Ignite with this community.

We have a great lineup and some exciting moments planned for Satya’s keynote, so I hope you can join us.

As always, send us your feedback! We want to know if you are getting the information and context you need, and what we can do to make the experience even better next time.


What is the Book of News?

The Microsoft Ignite 2021 Book of News is your guide to the key news items that we are announcing at Ignite. To make the Book of News more interactive, we’ve created a live site that we hope you will find engaging and easy to navigate. Instead of scrolling through pages of content, you now have the option to select the items you are interested in from the Table of Contents.

We’ve also added translation capabilities to make the Book of News more accessible globally. You can click above the Table of Contents to enable translation.

We hope the new changes will help you get all the information, executive insight and context you need.

If you have any questions regarding content in the Book of News, please email [email protected].

1. AZURE 1.1 Azure AI

1.1.1 Semantic search capability in Azure Cognitive Search now in preview

A new semantic search capability in Azure Cognitive Search, an artificial intelligence (AI)-powered cloud search service for mobile and web app development, is now available in preview. This capability enables developers to deliver results based on user intent as opposed to a keyword-based search, which is the industry norm. Semantic search leverages some of the most advanced natural language models to improve relevance and ranking of search results. It uses concept matching, synonym search and other techniques to deliver a more personalized search experience for users.

In addition, a new SharePoint connector makes it easier to ingest and explore SharePoint content within Azure Cognitive Search.

Learn more about this update. 

1.1.2 Azure Form Recognizer adds preview of data extraction and new languages

Form Recognizer, an Azure Cognitive Service, is introducing support for pre-built identification documents (IDs) and invoice extraction, plus the ability to read data in 64 additional languages (raising the total to 73).

The new pre-built IDs feature will enable automated extraction of data from worldwide passports and driver’s licenses, helping customers avoid manual data entry and improving services like online banking transactions and hotel registration. ​

Data extraction from invoices will further help customers extract text, key-value pairs and tables from documents to produce structured data that reflects the relationships in the original file without manual data labeling or intensive coding.

Language support will expand to 73 this month from the existing nine: English, French, German, Italian, Spanish, Portuguese and Dutch (all generally available), and Simplified Chinese and Japanese (in preview).

Learn more about this update.

1.1.3 Azure Machine Learning adds preview of hybrid support and other capabilities

Azure Machine Learning (Azure ML), an enterprise-grade service that helps customers build and deploy models rapidly, has several new capabilities.

Azure Arc now supports Azure ML. Customers can sign up to access the preview today. More information on this announcement can be found in the Azure Hybrid, Azure Infra, Azure Migrate section.

Support for large-scale, interactive data preparation in Azure ML, backed by Azure Synapse Spark, is now available in preview. This builds upon recently released capabilities for data professionals working in Azure Synapse to seamlessly collaborate with data scientists using Azure ML. Data scientists can now prepare data and do feature engineering on big data directly from Azure ML notebooks, saving time and optimizing workflows.

Azure Percept, a family of devices and services, is now available in preview. Azure Percept powers real-time insights at the edge through hardware accelerators integrated with Azure ML and Azure Cognitive Services. More information on this announcement can be found in the Azure IoT section.

Learn more about these updates. 

1.2 Azure Data

1.2.1 Azure analytics and governance updates support faster, more reliable insights

Multiple updates to Azure’s analytics tools are now available. These updates are designed for easier customer deployments, increased reliability, cross-platform capabilities and deeper insight. Azure’s analytics tools help businesses stay nimble in an increasingly complex market.

  • With the launch of Azure Synapse Pathway, customers can simplify and accelerate migrating from a legacy or cloud data warehouse to Azure Synapse Analytics by providing automated translation of existing business logic. Azure Synapse is a limitless analytics service that brings together data integration, enterprise data warehousing and big data analytics to provide real-time data insights. This downloadable tool enables customers to access resources such as SQL Server, Netezza and Snowflake, with Teradata, BigQuery, Redshift and others coming soon. This allows automatic translation of more than 100,000 lines of SQL code in minutes, eliminating one of the main hurdles in migration.
  • Azure Stream Analytics, now generally available, has been updated to provide support for single tenant dedicated clusters. ​Azure Stream Analytics Dedicated provides single tenant hosting for increased reliability with no noise from other tenants. Customer resources are “isolated” and perform better during bursts in traffic.
  • Multiple updates are available for Azure Purview, a unified data governance service that facilitates the mapping and control of organizational data no matter where it resides — on-premises, in multicloud or software-as-a-service (SaaS). Azure Purview is integrated with Microsoft Information Protection, which means the same sensitivity labels defined in Microsoft 365 Compliance Center can be applied.
    • Azure Purview’s ability to automatically scan and classify data residing in AWS Simple Storage Services (S3), SAP ECC, SAP S4/HANA and Oracle Database is now available in preview. With this update, customers can automatically scan and classify data residing within various on-premises data stores using the Azure Purview Data Map. In addition, this data can now be discovered across the organization.
    • Azure Purview’s ability to scan Azure Synapse Analytics workspaces is now available in preview. With this update, customers can discover and govern data across their serverless and dedicated SQL pools in Azure Synapse workspaces. This expands on Azure Purview’s existing tools, enabling customers to scan data across various sources via out-of-the-box connectors in the Data Map.

Learn more about these updates. 

1.2.2 Azure Cache for Redis, now generally available, supports distribution of Redis instance across regions

The Enterprise and Enterprise Flash tiers of Azure Cache for Redis are now generally available. Azure Cache for Redis is an open source in-memory data store that is used as a database, cache and message broker. It provides a fast, managed caching layer that can help enable an app’s architecture to handle thousands of simultaneous users. The Enterprise tiers of Azure Cache for Redis expand upon existing product capabilities by adding powerful features such as real-time search and time-series capabilities, as well as up to 10 times larger cache sizes.

Users of these tiers can also now use active geo-replication, a new feature now in preview, to distribute a Redis instance across regions. This feature enables the creation of global caches with multiprimary writes — data written in one region will be automatically applied to each other region. This functionality is designed to create architectures with up to 99.999% availability.

Learn more about this update.

1.2.3 Four new updates for Azure Cosmos DB are now generally available or in preview

Four new updates for Azure Cosmos DB are now available to help customers build or modernize scalable, high-performance apps. These updates enable cloud-native and real-time analytics through the generally available integration with Azure Synapse Link. The preview of additional features will give customers enhanced security, control, flexibility and accuracy.

  • Azure Synapse Link for Azure Cosmos DB is now generally available. Azure Synapse Link for Cosmos DB enables cloud-native and near-real-time analytics to be run over the NoSQL data in Azure Cosmos DB, including MongoDB. Azure Synapse Link breaks down the barrier that has long existed between online transactional processing (OLTP) and online analytical processing (OLAP) systems by linking Azure Cosmos DB to Azure Synapse Analytics.
  • Mongo v4.0 server support in Azure Cosmos DB API for Mongo DB is now generally available. Mongo v4.0 server support in Azure Cosmos DP API for Mongo DB makes it simple for developers to leverage the database for error handling with multidocument transaction support and retriable writes. It also gives users more flexibility to process data, with support for many new aggregation operators, and makes it easier for developers using MongoDB v4.0 to migrate to Azure Cosmos DB. Customers can now benefit from the extended transaction support already in Core API to MongoDB data by more easily modeling transactional business logic without the complexities of error-handling logic.
  • Azure Cosmos DB Continuous Backup and Point-in-Time is now available in preview. This provides ongoing backups and enables customers to recover and restore data from any point within the past 30 days. Continuous backup and point-in-time restoration mean customers don’t have to worry about accidental changes (such as writes and deletes) to their databases or containers. If an unwanted change or error happens, they can restore their data to its previous state.
  • Cosmos DB role-based access control (RBAC), now available in preview, provides customers with enhanced security for data in Azure. The introduction of RBAC with Azure Active Directory (Azure AD) integration enables customers to assign “roles” to users and applications, which provides a granular, well-defined way to control data access from users and applications. Customers can determine the identity used to perform a database operation by retrieving the information in diagnostic logs.

Learn more about these updates.

1.2.4 Azure Managed Instance for Apache Cassandra released in preview

Azure Managed Instance for Apache Cassandra, a new semimanaged service offering, is now available in preview. This service will enable organizations to run more of their Cassandra NoSQL data on Azure, removing the need for database administrators and developers to manage infrastructure or manage and update their version of Cassandra. ​

Previously, customers have faced stark choices for their Cassandra data: full-scale migration to platform-as-a-service (Azure Cosmos DB), self-managed virtual machines or self-managed on-premises infrastructure. With the introduction of Azure Managed Instance for Apache Cassandra, customers can now choose the best cloud option for their data workloads.

Learn more about this update.

1.3 Azure Datacenters

1.3.1 Microsoft adding datacenter region in China; Azure Resource Mover now generally available

To meet growing customer demand in China, Microsoft will establish a new datacenter region in northern China. The new region will enable more customers to innovate and collaborate with the Microsoft Cloud, including Microsoft Azure, Office 365, Dynamics 365 and Power BI.​

Azure Resource Mover, which provides portability between Azure regions and is unique to the Azure platform, is now generally available. Azure Resource Mover allows new customers to create applications in existing regions and migrate them upon new region launch or move into regions with availability zones (AZs) if not planned for their region. Azure Resource Mover moves multiple resources among Azure regions and performs dependency analysis for the workloads to ensure a successful move.

Learn more about the new datacenter region and Azure Resource Mover.

1.4 Azure Dev and Ecosystem

1.4.1 Azure Communication Services to be generally available, with Microsoft Teams interoperability in preview

Azure Communication Services, the first fully managed communication platform offering from a major cloud provider, will become generally available in the next few weeks. Azure Communication Services is also now interoperable with Microsoft Teams in preview, enabling customers to leverage a unified offering for both internal and external communication experiences. Employees benefit from the security, familiarity and capability of Teams, and external users can enjoy a custom communication experience on a web or mobile app outside the organization. This is ideal for many business-to-consumer scenarios, such as healthcare professionals delivering remote care, financial advisors helping consumers with a loan application or support staff helping end users install a new product.

Azure Communication Services provides developers with a set of libraries to help integrate voice, video, text and data communication. This enables scenarios such as browser-to-browser, browser-to-app and app-to-app communication; users interacting with bots or other services; and users and bots interacting over the public switched telephone network. Azure Communication Services was first introduced in preview in September 2020.

In addition, enterprises can now offer conversational artificial intelligence (AI) experiences over a traditional phone line with Azure Bot Service’s new telephony channel, powered by Azure Communication Services. When coupled with powerful AI capabilities from Azure Cognitive Services, enterprises can offer seamless natural language and speech interaction to end users compared with traditional Interactive Voice Response (IVR) offerings.

Learn more about this update.

1.4.2 Autoscale for Azure Spring Cloud and Managed Virtual Network now generally available

Two related Azure Spring Cloud features — Managed Virtual Network and Autoscale — are now generally available. Azure Spring Cloud is a fully managed service for Spring Boot apps that helps customers focus on building apps to run their businesses without the hassle of managing infrastructure.

Customers who seek added security can deploy Azure Spring Cloud in a Managed Virtual Network to isolate apps from the internet or place them within their own corporate networks. This lets customers control inbound and outbound network communications for Azure Spring Cloud and enables Azure Spring Cloud to interact with systems in on-premises datacenters or Azure services in virtual networks.

Autoscale for Azure Spring Cloud enables customers to be more productive and cost-efficient by automatically scaling apps up or down based on system load or schedule, reducing stress on underlying infrastructure. Both features are fully supported with service-level agreement (SLA) commitment at general availability.​ They were first made available in preview in September 2020, when Azure Spring Cloud was made generally available. In addition, Azure Spring Cloud has been expanded to seven more Azure regions, bringing the total to 18.

The update also includes the general availability of the following features:​

Learn more about this update.

1.4.3 Developer Velocity Assessment tool updates and new industry report help organizations understand digital readiness

A new report containing in-depth industry findings to help accelerate software transformation is now available. In parallel, updates to Microsoft’s Developer Velocity Assessment tool ​to help organizations understand their digital readiness are now available.

The report is based on a study conducted in 2020 in partnership with McKinsey & Co. and includes eight key learnings for organizations. It is derived from in-depth research with three financial companies and two retailers. The Developer Velocity Assessment tool updates include a questionnaire that produces a detailed report with the customer’s Developer Velocity Index score; expanded app modernization and remote work assessments; and custom recommendations to accelerate digital transformation, improve business performance and close any gaps.

Learn more about this update.

1.4.4 New solutions for running Java EE applications on Azure now available

New solutions for running Java Enterprise Edition (Java EE) applications on Azure are now available in the Azure Marketplace and on Microsoft Docs. Customers can now use Azure Marketplace offers and automated scripts to deploy Oracle WebLogic Server, IBM WebSphere Application Server and IBM WebSphere Liberty/Open Liberty on Azure.​ Customers will now have greater choice and flexibility to migrate their Java EE apps to the cloud with offers jointly supported by Microsoft, Oracle and IBM.

Customers can deploy WebLogic on Azure Virtual Machines or use validated Kubernetes operators to deploy WebLogic and WebSphere on Azure Kubernetes Service (AKS) and WebSphere on Azure Red Hat OpenShift (ARO). These solutions make it easy to get up and running, while allowing for a high degree of control and customization.

Learn more about these updates for WebLogic and WebSphere on Azure.

1.4.5 .NET Upgrade Assistant now available in preview

The .NET Upgrade Assistant is now available in preview. The .NET Upgrade Assistant helps developers move large, mission-critical .NET Framework-based Windows applications to the modern, cross-platform, high-performance development platforms .NET Core 3.1 or .NET 5. The .NET Upgrade Assistant unifies previously disjointed porting tools and provides step-by-step instructions to help developers upgrade confidently. It has been released as an open-source project as well as a .NET global tool NuGet package.

Learn more about this update.

1.4.6 Private Azure Marketplace now generally available

Private Azure Marketplace, a service that enables administrators to govern which third-party solutions their users can access in Azure marketplace, is now generally available. Organizations can use this service to ensure that only offers that comply with their policies and regulations are deployed and used by the organization’s users. ​A preview of this service was announced in September 2020.

Learn more about this update. 

1.4.7 Visual Studio 2019 version 16.9 generally available; version 16.10 preview 1 in preview

Visual Studio 2019 version 16.9, now generally available, comes with new enhancements for C++ development, .NET productivity, Git tooling, web tooling and XAML productivity.

Visual Studio 2019 version 16.10 preview 1, now available in preview, provides additional functionalities for C++ development and .NET diagnostics and debugging.

Learn more about this update.

1.5 Azure Hybrid, Azure Infra, Azure Migrate

1.5.1 Azure Arc updates now available

Azure Arc, released last year, is receiving multiple important updates. Azure Arc is a set of technologies that enable simplified management, faster app development and consistent Azure services anywhere. Customers need the ability to run applications across on-premises datacenters, multiple clouds and edge devices.

  • Azure Arc-enabled Kubernetes is now generally available. Azure Arc-enabled Kubernetes allows organizations to connect, manage and govern any Kubernetes cluster across datacenters, multicloud and edge from Azure. Customers can deploy a common set of Kubernetes configurations to all their clusters, right from the Azure Portal, consistently and at scale. Azure Arc also enables developers to centrally code and deploy applications securely to any Kubernetes cluster in any location using GitOps.
  • Azure Arc-enabled machine learning is now in preview, meaning customers can innovate with Azure Machine Learning to target any Kubernetes cluster for model training, on-premises, in multicloud and at the edge. Organizations can leverage their existing Kubernetes infrastructure investments to lower cost and increase operational efficiency as they extend machine learning to run close to where the data lives and autoscale compute anywhere. In addition, Azure Arc provides management, consistency and reliability so that all resources can be managed through a single unified pane. With a simple one-click deployment of the machine learning agent, data scientists and developers can build models using familiar tools in Azure Machine Learning, without having to learn Kubernetes. All models, irrespective of where they were built, can be stored and tracked in a central location in Azure Machine Learning for sharing, reproducibility and audit compliance. Starting today, customers can sign up here to access the preview.

Learn more about this update.

1.5.2 New capabilities for Azure Automanage, now in preview, to simplify operations for Windows Server VMs

New capabilities have been added to Azure Automanage to simplify operations for Windows Server virtual machines (VMs). Azure Automanage, which is now in preview, helps customers reduce day-to-day management tasks with automated operations across the entire lifecycle of VMs in Azure. With Automanage, IT admins can manage their VMs with point-and-click simplicity, individually or at scale.

New capabilities in Azure Automanage for Windows Server help customers enable rebootless security patching for new Windows Server VMs. These new enhancements allow for the deployment of security patches in seconds, helping protect servers against critical threats.

For customers who want to automate management of other workloads, Azure Automanage has been expanded to Linux. With this preview, Azure Automanage will now support major Linux distributions.

Learn more about this update.

1.5.3 Updates for Azure Backup support data protection at scale

Updates for Azure Backup, which provides data protection capabilities for business-critical workloads in a simple, secure and cost-effective manner, are now available.

Backup Center, now generally available, enables centralized backup management for Azure Virtual Machines , SQL in Azure Virtual Machines, HANA in Azure VMs and Azure Files. Additional Backup support is in preview for Azure Disks, Azure Blobs and Azure Database for PostgreSQL servers.

With Backup Center, customers can get an aggregated view of their inventory across subscriptions, locations, resource groups, vaults and even tenants using Azure Lighthouse. The seamless integration with Azure Policy and newly added capabilities for tag-based Azure Policies enables governance at scale and simplifies tracking for compliance. Customers can also monitor jobs, filter based on operation type and further leverage backup reports for richer insights. Backup Center also provides information on resources not yet configured for backup.

Azure Backup now also offers archive support for Azure VMs and SQL server running on Azure VMs via PowerShell in limited preview. Users of this feature can save by storing backups in lower-cost archive storage tiers.

Learn more about these updates.

1.5.4 New Azure Compute capabilities for running mission-critical applications are now available

Several new Azure Compute updates have been released in preview to help customers scale and manage the deployment of business-critical applications in the cloud, while ensuring high levels of resiliency, security and performance. These releases expand Azure’s infrastructure-as-a-service (IaaS) portfolio:​

  • On-demand capacity reservations for Azure Virtual Machines will be available in preview in April. On-demand capacity reservations for Azure Virtual Machines enable customers to access virtual machines (VMs) in advance with service-level agreement (SLA) guarantees. This is particularly important to organizations that want to ensure high levels of availability when running business-critical applications on Azure.
  • Azure Virtual Machine Scale Sets flexible orchestration mode is now available in preview. Azure Virtual Machine Scale Sets help customers simplify the deployment, management and scalability of their applications while increasing high availability. Customers may now change VM sizes without redeploying their scale set, resulting in greater operational agility. Customers will also be able to mix Spot Virtual Machines and pay-as-you-go VMs within the same scale set to optimize costs.
  • New Mv2 Azure Virtual Machines for memory intensive workloads are now available in preview, giving customers a 20% increase in CPU performance plus access to more VM sizes. Customers will be able to deploy the same VMs to Azure Dedicated Hosts. These offerings expand the range of workloads that customers can run in Azure while addressing specific organizational compliance requirements. Dedicated Hosts also offer confidential computing capabilities, enabling customers to build secure enclave-based applications to protect their code and data while it’s in use.
  • Azure Cloud Services extended support is now available in preview. Azure Cloud Services extended support is a new Azure Resource Manager (ARM)-based deployment model for Azure Cloud Services, which provides regional resiliency along with feature parity with Azure Cloud Services deployed using Azure Service Manager (ASM). This new deployment model also offers some ARM capabilities, such as role-based access control (RBAC), tags and policy, and also supports deployment templates. This update was originally announced in January 2021.

Learn more about these updates. 

1.5.5 New Azure Disk Storage capabilities for running mission-critical applications now in preview

Several Azure Disk Storage product enhancements for running mission-critical applications on Azure are now available in preview, including:

  • Azure Premium SSD and Standard SSD, which offer zone-redundant storage (ZRS) support to protect data in the event of a zone failure, a key feature to provide customers with high availability for mission-critical workloads. Disks with ZRS also provide a recovery point objective (RPO) of zero that minimizes data loss and helps ensure successful data recovery.
  • Performance tiers on Azure Premium SSD, which provide sustained higher performance for a planned event like a seasonal sales promotion, giving customers the flexibility to scale performance without increasing the disk size by selecting a higher performance tier. Customers can now upgrade performance tiers on Premium SSDs without any downtime to avoid disruption to their workloads.
  • Auto-key rotation of customer-managed keys, which gives customers the option to automatically update all their disks, snapshots and images using the same encryption key when a new version of a key is generated. Customers no longer need to manually update all their Azure resources and can ensure that their data is always secured with the latest key versions and that they meet their organization’s security and compliance requirements.

Learn more about these updates.

1.5.6 Azure Migration tools, services and guidance expanded

An expanded set of Azure migration tools and services to help customers transition their businesses to the cloud has been released:

  • Azure Migration Program (AMP), which provides expert assistance to simplify cloud migration, will offer expanded support for application modernization scenarios in the coming weeks. AMP will support modernization of popular web apps, including .NET, Java and LAMP (Linux, Apache, MySQL, PHP/Perl/Python) apps. These apps can be modernized to a customer’s choice of compute (i.e., Azure Kubernetes Service or Azure App Service) and database (i.e., Azure SQL or MySQL or PostgreSQL). This expansion builds on existing support for migrating datacenter infrastructure, databases and virtual desktop infrastructure, thereby enabling coverage for a rich set of migration and modernization scenarios spanning applications, infrastructure and data.
  • FastTrack for Azure, a technical enablement program that helps with deployment of cloud solutions, now offers new services: 1) Accelerating production deployments for cloud native applications so customers can receive deployment best practices for Kubernetes, OpenShift, serverless and event-driven workloads; and 2) Support for Hybrid/Azure Arc deployments starting with servers.
  • Microsoft Cloud Adoption Framework, a collection of documentation, guidance and tools to help customers accelerate their cloud adoption, has added new best practice guidance on adopting hybrid and multicloud approaches. ​This new guidance enables customers to take advantage of the benefits of hybrid and multicloud adoption while also ensuring consistent security, governance and compliance across the board.
  • Azure Migrate, the central hub of Azure cloud migration services and tools, offers three new capabilities, now in preview. These new capabilities allow customers to discover and assess their SQL servers and databases for migration to Azure from within the Azure Migrate portal. The hub also now includes an app containerization tool, with support for ASP.NET and Java web applications, to help customers migrate applications to containers running on Azure Kubernetes Service (AKS). Lastly, the new Azure PowerShell module adds support for the Server Migration tool’s agentless method of migrating VMware virtual machines (VMs) to Azure.
  • Azure Migrate’s unified discovery and assessment capabilities for Windows, Linux and SQL server now allow customers to discover and assess their SQL servers for migration to Azure and their databases from within the Azure Migrate portal.
  • The new Azure Migrate Azure PowerShell module is now available in preview. Azure Migrate Azure PowerShell has added support for the Server Migration tool’s agentless method of migrating VMware VMs to Azure. Customers can now configure and manage replication of servers to Azure and migrate them to Azure VMs using Azure PowerShell cmdlets in an automated, repeatable manner.           ​

Learn more about these updates. 

1.5.7 Updates for Azure Monitor now available

New capabilities have been released for Azure Monitor, which provides a rich set of enterprise-ready capabilities to ensure customers have complete observability of their hybrid environment, while maximizing availability, reliability and performance.

For Azure Monitor application insights, customers writing Node.js apps on Linux App Services can now onboard to Application Insights for application monitoring, without making any code changes, using auto-instrumentation.

Learn more about this update.

1.5.8 New Azure Networking updates now available

New advancements and functionalities are available across Azure Networking services:

  • Azure load balancing options are available this month. Azure load balancing options include a guided experience to help customers choose the load balancing options that match their architectural and application requirements. Azure Load Balancer, now generally available, supports load balancing across IP addresses in the backend pool. Previously, network interfaces associated with virtual machines (VMs) could be added only in the backend of a Load Balancer. This feature enables flexibility to load balance across containers in addition to VMs and VM scale sets associated with their load balancer.
  • Azure Public IP SKU upgrade is now generally available. Azure Public IP SKU allows customers to upgrade and retain the same IPs without management overhead or notices to their end customers and now supports the ability to upgrade from Basic to Standard SKU. In addition, any Basic Public Load Balancer can now be upgraded to a Standard Public Load Balancer, while retaining the same public IP address. This is supported via PowerShell, command line interface (CLI) templates and API, and is available across all Azure regions.
  • Azure Networking routing preference, which lets Azure customers choose how their traffic is routed between Azure and the internet, is now generally available. Azure customers can choose to optimize for performance (Microsoft network) or cost (ISP network/open internet). These options are also referred to as “cold potato routing” and “hot potato routing,” respectively. Egress data transfer price varies based on the routing selection. ​This update will give customers more flexibility to optimize their underlying routing network for performance or cost on a per workload basis. ​Azure routing preference had been previously released in preview.

Additionally, there are two network security updates now available in preview.

  • Azure Front Door is now available in preview. Azure Front Door has been upgraded to provide secure cloud content delivery network (CDN) service with integrated intelligent security capabilities enabling cybersecurity teams to protect and accelerate apps, APIs, websites and content delivery in just a few clicks.
  • Azure Firewall Premium has been upgraded with next-generation firewall, now available in preview, which provides enhanced security with intrusion, detection and prevention system capabilities​ required for highly sensitive and regulated environments.

Learn more about these updates.

1.5.9 New Azure Hybrid Networking updates available

Multiple new Azure services and features to enable customer hybrid networking scenarios are now available or coming soon, including:

  • Azure Route Server, now available for preview, facilitates dynamic routing between network virtual appliance (NVA) and virtual networks. By establishing the Border Gateway Protocol (BGP) peering between an NVA and Azure Router Server, customers can inject IP addresses (i.e., routes) from their NVA to their virtual network and let the NVA learn what IP addresses their virtual network has. Azure Route Server is a fully managed service with built-in high availability.
  • ExpressRoute IPv6 Support, to be released to preview later this month, will support both IPv4- and IPv6-based private peering in availability zones (AZs). IPv6 will enable key internet of things (IoT) scenarios. It will simplify enterprises’ migration or expansion to Azure even as they run out of IPv4 addresses in their on-premises network.
  • New ExpressRoute Gateway metrics are now available for preview. ExpressRoute Gateway metrics enable users to monitor the count of routes learned, count of routes advertised, number of virtual machines (VMs) in the virtual network and frequency of routes changed for their ExpressRoute gateways, and set up alerts to manage capacity accordingly.
  • New ExpressRoute Portal Experience, now generally available, allows users to have a more complete peering and Global Reach configuration experience in Azure Portal.
  • Azure Virtual WAN now offers integration with VMware SD-WAN in preview. This allows customers to connect all branch offices and remote locations to Azure through VMWare SD-WAN. Users can now manage last-mile connectivity and dynamic path optimization through VMWare SD-WAN and leverage global connectivity, routing intelligence and security through Azure Virtual WAN, benefiting from a complete Secure Access Service Edge (SASE) solution.
  • Virtual WAN Remote User VPN Features are now available in preview. Virtual WAN Remote User VPN Features enable 100,000 remote users to connect to a Virtual WAN hub in a region (increased from the previous 10,000 limit). It will allow remote users to authenticate using any combination of Certificates, Azure Active Directory and Radius Servers. It also offers custom IPsec parameters for remote user VPN. Finally, it will connect multiple Radius servers to a single Virtual WAN Hub for Remote User authentication.
  • Scalable Bastion Gateway will be released in preview later this month. Scalable Bastion Gateway will allow users to increase the size of Bastion gateway to support as many as 500 concurrent sessions and decrease the gateway size when the usage demand goes down. Bastion will support native Azure Active Directory (Azure AD) authentication integration for Linux VMs deployed on Azure.
  • Advanced VPN diagnostic features, including Packet Capture, the BGP Dashboard and VPN Connection features, will be released in preview this month. Packet Capture helps customers troubleshoot their connectivity issues and inspect the traffic flowing through their VPN gateways. The BGP Dashboard provides an all-up view for customers to see their route exchange between Azure and their on-premises networks. VPN Connection features (Reset, Show SA, Modes) allow customers to have fine-grained control and visibility to their VPN tunnels for monitoring, troubleshooting and management.

Learn more about this update.

1.5.10 Windows Server 2022 is now available in preview

Windows Server 2022, now available in preview, enables customers to run existing and new business-critical applications with confidence on Azure, on-premises and at the edge.

Windows Server 2022 introduces advanced multilayer security, hybrid capabilities with Azure and a flexible application platform. As part of this release, Windows Server is getting secured-core capabilities to secure systems that would run workloads on Windows Server 2022. Secured-core server builds on technologies such as Windows Defender System Guard and Virtualization-based Security to minimize risk from firmware vulnerabilities and advanced malware. The new release also provides secured connectivity by introducing several new capabilities such as faster and more secure encrypted HTTPS connections and industry standard SMB AES 256 encryption. Windows Server 2022 improves hybrid server management and has an enhanced event viewer and many more new capabilities in Windows Admin Center. Furthermore, this release includes improvements to Windows containers, such as smaller image size for faster download, simplified network policy implementation and containerization tools for .NET applications.

Learn more about this update.

1.6 Azure IoT

1.6.1 Azure IoT updates available and coming soon

Updates are now available and coming soon for Azure IoT, a collection of services and capabilities that meet customers where they are, from the edge to the cloud. Azure IoT includes security and operating systems for devices and equipment, along with data and analytics that help businesses build, deploy and manage internet of things (IoT) applications. The following updates are now available or coming soon, as indicated:

  • Device Update for Azure IoT Hub, now available in preview in the western United States, Asia and Europe, enables automatic updates to help keep IoT devices current and secure. Customers can use this end-to-end platform to operate, maintain and update IoT devices at scale, reducing development and maintenance costs. ​It enables customers to publish, distribute and manage over-the-air updates for everything from tiny sensor devices to gateway-level modules. ​It also scans updates for malware and allows a device to verify their integrity and provides various management controls and reporting capabilities.
  • NXP Semiconductors N.V. announced this week that it is developing a new microprocessor built with Azure Sphere, a platform designed to enable more secure connected devices. The chip will be available in preview in November 2021 and will become generally available in early 2022. This news was originally announced in June 2019. This new chip, the “NXP i.MX 8ULP SoloLite-SA built with Azure Sphere and NXP i.MX 9 multi-chip series,” is meant to empower any organization to create highly secured IoT devices. ​It includes a secured-by-design approach to the silicon, which includes the Microsoft Pluton security subsystem, and layers security through the secured Azure Sphere operating system, up to the cloud-based Azure Sphere Security Service. It also provides ongoing updates and security improvements for the lifetime of the device.

Learn more about these updates.

1.6.2 Azure Percept, AI-powered family of edge devices and services, now in preview

Azure Percept, a comprehensive, easy-to-use and secure platform designed to help customers build, apply and operate artificial intelligence (AI) models in lower-power edge cameras and audio devices, is now available in preview. Azure Percept powers real-time insights at the edge through hardware accelerators built to integrate seamlessly with Azure AI and Azure internet of things (IoT) services. The combination of hardware, pre-built AI models and Azure services enables uses like object detection, shelf analytics, anomaly detection and keyword spotting at the edge.

Azure Percept Studio simplifies AI lifecycle management at the edge with tools for developers, including a library of pre-built Azure AI models for object detection, shelf analytics, secure spaces, vehicle analytics, command and control, and more. Customers with low-code or no-code experience can quickly customize, train and deploy AI models locally or in the cloud. Data remains secure whether in transit or at rest with layers of protection for Azure Percept edge workloads and models. Zero Trust ensures that device security posture is continuously monitored and governed. Data is encrypted using Azure Percept’s AI model lifecycle management for secure access anywhere through authorized systems.

Azure Percept works out of the box with Azure AI, Azure Cognitive Services, Azure Machine Learning and Azure Live Video Analytics, and is integrated with Azure IoT services. The family includes: 

  • Azure Percept DK, a deployment-ready development kit with a carrier board, mounting tools and Azure Percept Vision, a camera-enabled system on module (SOM) for rapid scenario-based customization.
  • Azure Percept Audio, a voice-enabled SOM with a four-microphone linear array that can enable voice activation and customer commands on local microphone-enabled devices.
  • Azure Percept Studio​, a complete step-by-step platform that brings together AI tooling, Azure IoT services, device provisioning and edge AI lifecycle management at the edge.

Learn more about this update.

1.7 Azure Mixed Reality

1.7.1 Mixed-reality services Azure Remote Rendering and Azure Object Anchors now available

Mixed-reality services Azure Remote Render and Azure Object Anchors are now available.

  • Azure Remote Rendering, now generally available, renders complex models in the cloud and streams them in real time to devices. ​This service brings high-quality 3D content and interactive experiences to mixed-reality devices, such as HoloLens 2, enabling users to interact and collaborate with highly detailed 3D content. Bentley Systems is leveraging Remote Rendering-based immersive processes to visualize infrastructure assets remotely to reduce time spent, lower costs, improve safety and minimize traffic disruptions. Other partners including HoloLab Inc. and BIM Holoview have leveraged Remote Rendering to create applications to visualize high-fidelity renderings of 3D computer-aided design (CAD) layouts for the engineering and construction industries.
  • Azure Object Anchors is now available in preview. Azure Object Anchors leverages 3D models of objects, trains in the cloud using artificial intelligence (AI) and uses the trained model to enable holographic alignment to physical objects. With Object Anchors, developers can enable automatic alignment without the use of markers — saving money, reducing errors inherent in manual alignment and improving overall user experience.

Learn more about Azure Remote Rendering and Azure Object Anchors.

1.7.2 New mixed-reality platform Microsoft Mesh enables collaborative experiences

New mixed-reality platform Microsoft Mesh powers collaborative experiences with a feeling of presence– meaning users feel like they are physically present with one another even when they are not. People can interact with 3D content or engage with one another through Mesh-enabled apps across any platform or device – including Microsoft HoloLens, virtual reality (VR) headsets, smartphones, tablets or PCs.

Microsoft Mesh can be used to:

  • Collaborate, create and communicate;
  • Help each other solve problems;
  • Train together from anywhere; and
  • Design new things.

Microsoft Mesh is designed to connect people across a range of devices and platforms as they engage with mixed reality, enabling them to participate and create as one through immersive experiences. Users will be able to connect as avatars or as holographic versions of themselves, build a common understanding with shared 3D content and leverage a common identity across platforms, all powered by the enterprise-grade security of the Azure cloud. ​Customers can download the Microsoft Mesh app for HoloLens 2, now available in preview, and request access to the AltSpaceVR app with new capabilities for work.

For developers, Microsoft Mesh simplifies and speeds up app development with easy-to-integrate modules to enable presence and collaboration in their mixed-reality applications. Developers can join the Mixed Reality Developer Program to get updates.

Learn more about this update.

1.8 Windows Virtual Desktop

1.8.1 Azure Monitor for Windows Virtual Desktop receives updates, will be generally available in the next few weeks

Updates are now available for Windows Virtual Desktop, which provides a unique virtual desktop infrastructure solution with capabilities that include improved deployment tools, security enhancement and integration with Microsoft Teams. Azure Monitor for Windows Virtual Desktop, which will be generally available in the next few weeks, provides a centralized view with all the monitoring insights and visualizations needed to debug and troubleshoot issues and operate at scale. With the latest updates, customers can:

  • View a summary of host pool status and health;
  • Find and troubleshoot problems in the deployment;
  • Understand and address user feedback; and
  • Understand utilization of resources and make decisions on scaling and cost management.

Learn more about this update.


2.1.1 New integrations between Dynamics 365 and Microsoft Teams make business processes more collaborative and accessible

New and updated capabilities between Dynamics 365 and Microsoft Teams make processes more collaborative and accessible. These new integrations, available now unless noted, can enhance workflows across an organization as follows:

  • Sales: Sellers can track career movements of contacts using LinkedIn Sales Navigator, as well as connect sales records to Microsoft Teams without leaving Dynamics 365 Sales. Support for legacy phone infrastructure means organizations can use Teams to manage calls and access other functionality through a seamless interface for Dynamics 365.
  • Marketing: Marketers can set up, promote and report on events hosted on Microsoft Teams directly from Dynamics 365 Marketing, nurturing attendee relationships during and after the event across multiple channels.
  • Customer service and field service: With access to Microsoft Teams chat capability directly from Dynamics 365 Customer Service, agents can easily find and collaborate with the right subject-matter expert directly from the flow of their work to rapidly resolve customer issues.
  • Commerce: Task management functionality in Dynamics 365 Commerce allows managers and workers to create task lists, manage assignment criteria and track task status with native integrations among Commerce back office, retail store and Microsoft Teams applications.
  • Human resources: Microsoft Dynamics 365 Human Resources will be available later this year directly within Microsoft Teams, giving employees self-service access that can free up human resources (HR) staff. Managers can easily review and approve time-off requests with just a few clicks.

Learn more about this update.

2.1.2 Dynamics 365 Intelligent Order Management coming in preview

Dynamics 365 Intelligent Order Management, a new application designed to help customers scale their order management processes from intake to delivery without replacing their legacy enterprise resource planning (ERP) systems, will be available in preview in April 2021.

This configurable, rule-based, artificial intelligence (AI)-powered software-as-a-service (SaaS) application is designed to help retailers and consumer goods companies realize the omnichannel “buy anywhere, fulfill anywhere” vision with easy onboarding and user experience.

With exception-based management, business users can adjust and change any order path. The system learns how the business user reacts to each exception and learns to provide better recommendations next time. This also helps to ensure optimal stock levels and improve cash flow.

Learn more about this update.

2.1.3 Real-time personalized customer experience capabilities coming to Dynamics 365 Marketing in public preview

Real-time personalized customer experience capabilities in Dynamics 365 Marketing will be available in public preview in April.

These real-time customer-led journey orchestration capabilities in Dynamics 365 Marketing help engage customers based on interactions across marketing, sales, commerce, customer voice, digital events and service to win customers and earn loyalty faster. Business users can personalize experiences with artificial intelligence (AI) across digital and physical touchpoints and grow with a unified, adaptable platform to make customer experiences relevant to their unique business.

Dynamics 365 Marketing enables business users to author performing content recommended by AI, backed by an intelligent digital asset management system to share, optimize and reuse content, connecting to customers in their preferred channels and engaging customers meaningfully at moments that matter. Business users can use Microsoft Teams to drive powerful online collaboration and nurture event attendees into loyal customers. Together, these connected applications help companies personalize a customer’s journey and build deeper customer relationships with more meaningful engagement across both digital and physical channels.

Learn more about this update.

2.2 Power Platform

2.2.1 Robotic process automation from Microsoft Power Automate now included with Windows 10

Microsoft Power Automate Desktop, which offers robotic process automation (RPA) capabilities that easily automate time-consuming manual work, will be available to Windows 10 users at no additional cost.

Customers can download Power Automate Desktop at no additional cost and begin creating automated workflows between apps and services to synchronize files, get notifications, collect data and more. The low-code RPA capability in Power Automate Desktop was first introduced in 2020.

Learn more about this update.

2.2.2 New Power BI Premium architecture and features now in preview

The latest update to Power BI Premium is now available in preview. This includes architectural updates for across-the-board improvements to performance, stability and security. Premium Gen 2 delivers enhancements for every Power BI Premium customer, including:

  • Flexibility to license per user or per capacity;
  • Faster processing — up to 16x performance boost with Microsoft managed architecture;
  • Autoscale to automatically add capacity when needed; and
  • Consistent and reliable cost management with utilization metrics.

Power BI Premium enables analysts and business data users to create and analyze business intelligence (BI) reporting. For enterprises and IT admins, the new Power BI Premium offers major improvements in governance and scale with features like Microsoft-owned resource management, utilization metrics, autoscale and integrated security.

In addition, the preview price list release of Premium Per User enables customers to license Premium features, including all the new releases, on a per-user basis.

A private preview of the new Power BI Premium was announced in September 2020.

Learn more about this update.

2.2.3 Microsoft launches open-source low-code programming language, Microsoft Power Fx

Microsoft has published the first low-code programming language, Microsoft Power Fx, for logic customization across the Power Platform. This language, with origins in Excel, is available now, with implementation being open sourced on GitHub later this year.

Currently used as the language to develop canvas apps in Microsoft Power Apps, Power Fx will eventually become the consistent language across the Power Platform. Expressed in text, it’s a low-code language that makers can work with directly.

Power Fx leverages the knowledge of Excel users to reduce barriers for citizen developers getting started with low-code development. Professional developers can accelerate their app development with the simplicity of formulas and code using their favorite professional developer tools.

Learn more about this update.

2.2.4 Power Platform releases new IT governance and security features

Power Platform is introducing features that enable IT pros to implement enhanced governance and security for low-code tools and automation. As low-code adoption grows, governance and security are increasingly important.

The features include a new Power Platform admin center and capabilities, security improvements and reporting enhancements. Some features are now available in preview; others will launch next month.

IT professionals will benefit from key improvements in data loss prevention (DLP) and administration of Power Platform with new admin controls and reporting and new security standards implementation.

Learn more about this update.

2.2.5 Power Virtual Agents AI capabilities released in preview

New artificial intelligence (AI) capabilities within Power Virtual Agents have been released in preview to enable subject-matter experts to build smarter chatbots.

These new AI-infused features enable chatbots to engage more naturally and more accurately and are designed to help organizations and citizen developers feel more confident about addressing customer and employee needs with chatbots at scale.

New AI capabilities in public preview are:

  • Topic overlap detection helps improve triggering accuracy by finding overlaps between topics, reducing the need for the bot to ask clarifying questions before triggering a topic.
  • Topic suggestions from chat transcripts analyzes chat transcripts from previous conversations and provides suggestions for new topics.

Learn more about this update.

3. INDUSTRY CLOUD 3.1. Industry Cloud

3.1.1. New Microsoft industry clouds released to preview; healthcare cloud updated

Three new Microsoft industry clouds will soon be available to power the financial services, manufacturing and nonprofit sectors. These new clouds will join the already available Microsoft Cloud for Healthcare, launched in October 2020, and Microsoft Cloud for Retail, announced in January 2021.

Microsoft Cloud for Financial Services and Microsoft Cloud for Retail are accepting customers for public preview for the end of this month. Microsoft Cloud for Nonprofit and Microsoft Cloud for Manufacturing will begin accepting customers for public preview by the end of June 2021.

In addition, the first update to Microsoft Cloud for Healthcare will be released in April 2021. This update includes four new features and adds support for eight additional languages. Feature updates focus on further streamlining virtual health, care collaboration and patient self-service.

Microsoft industry clouds are tailored to address unique industry needs and decrease time to value from years to months. The industry clouds provide automation and efficiency on high-value workflows, as well as deep data analytics for structured and unstructured data. They offer software-as-a-service (SaaS) solutions that automatically provide customers with industry-specific capabilities via Microsoft 365, Dynamics 365, Microsoft Power Platform and Azure. They also support industry interoperability and compliance standards. ​

  • Microsoft Cloud for Financial Services empowers financial institutions to accelerate innovation while meeting strict industry compliance requirements.
  • Microsoft Cloud for Retail makes it possible for retailers to better know their customers and connect and personalize their experiences throughout the end-to-end shopper journey, so customers keep coming back.
  • Microsoft Cloud for Nonprofit helps organizations accelerate their mission outcomes, advance their influence and connect people and resources.
  • Microsoft Cloud for Manufacturing supports the manufacturing industry in finding efficiencies as they strive to out-innovate and outperform the competition.
  • Microsoft Cloud for Healthcare enhances patient engagement, empowers health team collaboration and improves clinical and operational insights.

Learn more about this update.


4.1.1 Updates for Outlook will help improve time management, organization

Microsoft is introducing multiple time management updates for Outlook to help users better manage their calendars and schedule tasks.

  • Outlook calendar board, an update to the Outlook calendar that adds a free-form view to the traditional grid view, is now available in Outlook on the web. The calendar board view provides a customizable visual tool for organizing and managing calendars, files, reminders and to-do lists in one place. Users can try it by logging in to Outlook on the web and selecting “Board” from the calendar views drop-down menu or by clicking here.
  • Suggested times in Outlook mobile is starting to roll out this month to business customers worldwide who use their work account in Outlook for iOS and Android. Suggested times uses artificial intelligence (AI) to suggest times when participants are available for meetings, which can be difficult to see on a small screen. Outlook mobile will use AI to understand the meeting owner’s commitments, priorities and preferences and to suggest times to meet when attendees are free, even if the meeting owner isn’t.

Learn more about these updates.

4.2 Microsoft Teams

4.2.1 Microsoft Teams Connect, which strengthens external collaboration with shared channels, now in private preview

Microsoft Teams Connect, which helps organizations collaborate seamlessly with customers, partners, suppliers or other external parties through shared channels, is now in private preview. Microsoft Teams Connect leverages the deep collaboration capabilities that Teams brings together, such as chat, meetings, app collaboration and real-time document co-authoring, all while maintaining control over how users access data and information.

With shared channels, users can add individuals to a single channel rather than to an entire team. Each shared channel will appear within a user’s primary Teams tenant alongside existing teams and channels, providing convenient access within their current flow of work.

Teams Connect will be made generally available later this calendar year.

Learn more about this update.

4.2.2 New presenter layouts and audience views available in Teams meetings

New Teams features are available to help presenters deliver content more professionally and offer meeting participants dynamic experiences to keep them more engaged.

  • PowerPoint Live in Teams is now generally available. Presenters often share their desktops in virtual meetings, providing limited ability for the audience to interact. With PowerPoint Live in Teams, presenters can deliver richer, more inclusive experiences and lead meetings more confidently with notes, slides, meeting chat and participants all in a single view. Attendees can personalize their experience by privately navigating the content at their own pace or using high-contrast mode to make content more accessible.
  • Presenter mode is available this month, with more options coming soon. Presenter mode empowers presenters to customize how their video feed and content appear for the audience. New options coming soon are Standout, which shows the speaker’s video feed in front of the shared content; Reporter, which shows content as a visual aid above the speaker’s shoulder; and Side-by-side, which shows the presenter’s video feed alongside their content as they present. Standout will become generally available this month, with Reporter, Side-by-side and other options coming soon.
  • Dynamic view will become generally available in the coming weeks. Dynamic view intelligently arranges meeting elements for an optimal presentation. Presenters can now place the gallery on top so participants appear at the top of the meeting window, helping maintain more natural eye contact with the audience. In addition, the participant gallery automatically adjusts when the meeting window is resized.

Learn more about this update.

4.2.3 New features for Microsoft Teams Rooms and newly certified peripherals for Teams help deliver meeting experiences in the hybrid workplace

New features for Teams Rooms plus Teams-certified devices are now available to help deliver more inclusive meeting experiences for all participants.

Historically, meeting rooms were designed to facilitate in-room collaboration. With more people working from home, virtual meeting room experiences must enable all participants to be seen and heard clearly and to fully participate in the meeting, no matter where they join from. With the proper investments in personal, at-home spaces as well as in the meeting spaces at work, meetings become more equitable for participants. Updates are:

  • New gallery views in Teams Rooms, now generally available, include Together Mode and large gallery. These views enable everyone in a meeting to see meeting content whether the room has one screen or two.
  • Microsoft now certifies hardware with audio and video optimized for Microsoft Teams meetings and calling. Certified monitors are the Dell Video Conferencing Monitor and the Poly Studio P21. These monitors integrate a microphone, speaker, camera and lights (only in P21). Employees simply attach their PC via USB to get started. The new P15 Video Bar from Poly is an easy-to-mount peripheral that transforms an existing monitor into a high-quality Teams endpoint. Another Teams certified peripheral, the new Cam130 by Aver, integrates lights as well, allowing users to present their best selves in video meetings.
  • Intelligent speakers will be available in private preview later in 2021. Using advanced speech recognition, intelligent speakers can identify the people talking in a Microsoft Teams Room. The speakers include a special 7-array microphone that uses artificial intelligence (AI) to identify and differentiate the voices of up to 10 people in meetings and apply their name and profile to the live meeting transcript. Now, attendees in the new hybrid workplace using the transcript to follow along or capture action items will know who in the room said what. To help ensure privacy and security, users can turn attribution on or off at any time.

Learn more about these updates.

4.2.4 Microsoft Teams adds security, privacy and compliance features

New security, privacy and compliance features in Microsoft Teams enable safe and trustworthy online communication and collaboration. They are:

  • Invite-only meetings controls will be generally available this month. Invite-only meetings controls help ensure that only intended participants join a meeting.
  • Disable video will be generally available in the first half of this calendar year. This feature is intended to limit potential disruptions, along with other capabilities such as Invite-only meetings and recently announced chat moderation controls.
  • End-to-end encryption (E2EE) for 1:1 Teams calls will be available to commercial customers in preview in the first half of this year. Teams will support end-to-end encryption for organizations to help customers meet their security and compliance requirements by providing an additional option for conducting sensitive online conversations. For example, a call from an IT admin giving an employee her password over Teams could be conducted with E2EE. In this first release, customers will have the ability to enable E2EE for 1:1 unscheduled Teams calls. Customers will be able to specify which members of their organization can use E2EE. Future updates will be made available to support customers’ evolving compliance needs, including expanding to scheduled calls and online meetings.
  • Teams multigeo support will be generally available in the first half of this calendar year. Multigeo support for Teams data will give multinational organizations greater control over the location of specific data centers where their Teams data is stored, down to the team and user level. Similar to the multigeo capabilities available to customers with Exchange Online and SharePoint Online, this update helps organizations meet specific data compliance and regulatory standards in certain countries and in highly regulated industries.

Learn more about these updates.

4.2.5 Microsoft Teams adds support for webinars and broadcasts

The Microsoft Teams app can now support interactive customer webinars for up to 1,000 attendees. Teams’ end-to-end webinar support includes custom registration, rich presentation options, host controls (such as the ability to disable attendee chat and video) and post-event reporting. Teams webinars can also seamlessly scale to a 10,000-person view-only broadcast experience — and, during this time of increased remote work, 20,000-person broadcasts are available through the end of this year. Select Teams webinar capabilities, including registration, 1,000- and 20,000-attendee limits and attendee reporting, will become generally available starting this month.

In addition, customers can now use Teams to deliver webinars as part of Dynamics 365 Marketing campaigns, now generally available. Later this year, Teams will provide the ability to export webinar contacts directly from Teams into Dynamics 365 Marketing to enable engagement with audiences before, during and after events.

Learn more about this update.

4.2.6 Microsoft Viva expands features and module availability

Microsoft Viva, which was announced in February with four modules, will soon expand features and availability of those modules. Microsoft Viva is the first employee experience platform built for the digital era, bringing together tools for employee engagement, learning, well-being and knowledge discovery directly into the flow of people’s work. The modules are Viva Connections, Viva Learning, Viva Insights and Viva Topics.

  • The Teams desktop experience of Viva Connections, which provides a curated, company-branded experience including news, conversations and other resources for employees, will become generally available this month. With Viva Connections, employees will receive personalized information delivered to the desktop apps and devices they use every day, such as Microsoft Teams. A mobile experience will also be made available in summer 2021. Viva Connections is available for no additional charge to existing Microsoft 365 and Office 365 customers.
  • Viva Learning will begin rolling out in public preview in April. This app in Teams creates a central hub for learning where people can discover, share, assign and learn from content libraries across an organization to help make learning a natural part of their day. Microsoft will share pricing and packaging details for Viva Learning when it becomes generally available.
  • Also starting in April, new personal wellbeing features, such as the virtual commute experienceunveiled at Microsoft Ignite 2020, will begin rolling out as part of the Viva Insights app in Teams, available now in the Teams app store in public preview. Viva Insights has made available an initial set of personal insights for no additional charge to existing Microsoft 365 and Office 365 customers, with manager and org leader insights as an add-on through Workplace Analytics.
  • Viva Topics automatically organizes content and expertise across an organization, making it easy for people to find information and put knowledge to work. It is generally available as an add-on for Microsoft 365 customers.

Learn more about this update.

4.3 Management

4.3.1 Microsoft 365 Office admin updates released

New cloud-based capabilities within the Microsoft 365 Apps admin center are now available. These updates are intended to help admins manage Office apps as a service and better manage IT costs.

Cloud-based admin capabilities now generally available are:

  • Servicing Profile for General Purpose devices, including Exclusion dates and Deadline
  • Inventory and Security update status
  • Reliability and performance trends by app and channel
  • Reliability advisories
  • Diagnostic coverage
  • Integration with Service Health Dashboard
  • Ability for IT admins to allow users to update their channel
  • Skip and Roll back

New admin features released to preview are:

  • Servicing Profile Restore/Pause/Resume by device and Azure AD group
  • Start Small (Support for Azure AD Groups)
  • Performance advisories
  • App health scores
  • Device-level reliability
  • Add-in health – app level
  • Reliability in Productivity Score

Learn more about this update.

4.3.2 New unified mobile app combines Microsoft Tunnel with Microsoft Defender for Endpoint

A unified mobile app for iOS and Android that combines Microsoft Tunnel virtual private network (VPN) capabilities with mobile threat defense from Microsoft Defender for Endpoint will be available in public preview early this month. The new app helps increase customer security while simplifying the end-user experience for mobile workers.

Previously, mobile users had to download two separate apps from the public app stores: Microsoft Tunnel and Microsoft Defender for Endpoint. After this change, users of iOS and Android devices will get both capabilities from the Microsoft Defender for Endpoint app. For IT administrators, the configuration and management experience will remain unchanged.

Learn more on the Security Blog or Tech Community.

4.3.3 Universal Print now generally available

Universal Print, a cloud-based print solution, is now generally available to enterprise and education customers as part of their Windows and Microsoft 365 subscriptions or through a stand-alone purchase. Universal Print eliminates the need for print servers or installing printer drivers and provides simple and secure printing in zero-trust environments.

Users can not only print from Windows devices to Azure Active Directory (Azure AD) registered printers, but they will also be able to print documents from the OneDrive for Business web experience across devices using the browser of their choice.

Major printer manufacturers such as Brother, Canon, Epson, HP, Konica Minolta, Lexmark, Toshiba, Ricoh and Xerox support Universal Print, so customers can get started immediately. A robust set of software partners address customers’ unique business need with software tools and cloud services.

Universal Print has been in preview since March 2020, with an update in July 2020.

Learn more about this update.

4.3.4 Windows 10 in cloud configuration Overview and Setup Guide available for download

Windows 10 in cloud configuration Overview and Setup Guide was made available for download on Feb. 2, 2021. It enables IT administrators to apply a uniform, secure and easy-to-manage cloud-based configuration of Windows 10 Pro or Enterprise devices.

Windows 10 in cloud configuration has now been integrated into Microsoft Endpoint Manager, which will make it even easier to provide a secure device configuration tailored for worker needs.

Learn more about this update. 


5.1.1 Attack Simulation Training now generally available

Attack Simulation Training, which helps customers detect, prioritize and remediate phishing risk, is now generally available in Microsoft Defender for Office 365. Attack Simulation Training uses neutralized versions of real attacks to simulate the continually changing attacker landscape, enabling highly accurate and up-to-date detection of risky behavior, with rich reporting and analytics to help customers measure their progress.

General availability began Jan. 6, 2021. A public preview was announced in September 2020 and extended to all Microsoft 365 E3 and E5 customers in November 2020.

Learn more on the Security Blog or Tech Community.

5.1.2 Updates for Azure confidential computing and Key Vault now in preview

Several updates for Azure confidential computing and Key Vault are now in preview.

  • Azure Key Vault Managed HSM, a fully managed, highly available, single-tenant key management service with FIPS 140-2 Level 3 validated hardware security modules (HSMs), is now available in preview.
  • Always Encrypted with secure enclaves, which are protected regions of memory that enable confidential queries, is now available in preview for SQL Server 2019 and in Azure SQL Database.
  • Trusted Launch, which provides protection against boot kits, rootkits and kernel level malware, is now available for both confidential and non-confidential virtual machines (VMs).

Learn more about these updates.

5.1.3 Azure Security Center and Azure Defender updates now available

Several updates for Azure Security Center and Azure Defender are now available. Windows Server 2019 in Azure Defender now has improved security alerts experiences as well as endpoint detection and response (EDR) support. Azure Security Center has improved integration of network security and new reporting capabilities.

The improved alerts experience includes an improved triaging experience with better performance for larger alert lists, alignment with Azure Sentinel’s incident experience and additional alerts from the Azure Resource Graph.

EDR support for Windows 2019 is now added to Microsoft Defender for Endpoint, which is included in Azure Defender.

The security status of Azure Firewalls is now available in the Azure Security Center dashboard through integration with the Azure Firewall Manager.

The new reporting capabilities in Azure Security Center, in preview, enable customers to create quick reports on top of security data. Customers can use new out-of-the-box reports or write their own reports using Azure Workbooks.

Learn more about Azure Security Center announcements.

5.1.4 New connectors and deeper XDR integration now available for Azure Sentinel

Several updates are now in public preview or generally available for Azure Sentinel, a scalable, cloud-native security information event management (SIEM) solution. These updates help expand extended detection and response (XDR) integration for Microsoft, which has the most integrated SIEM and XDR in the industry today with shared incidents, schema and user experiences between Microsoft 365 Defender and Azure Sentinel. These updates are:

  • Shared incidents, schema and user experiences between Microsoft 365 Defender and Azure Sentinel, now in public preview.
  • New built-in security orchestration automated response (SOAR) playbooks to create automation rules, block suspicious IP address in Azure Firewall, isolate endpoint device with Microsoft Intune and update risk state of a user with Azure Active Directory Identity Protection.
  • Over 30 new built-in connectors that simplify data collection across multicloud environments including Microsoft Dynamics, Salesforce Service Cloud, VMware and Cisco Umbrella.
  • Connectors to Azure Storage, Azure SQL, Azure Kubernetes Service and Azure Key Vault now in public preview.
  • Data ingestion improvements including normalized data for networking and health reporting for connectors.
  • Improvements in analytics now in general availability: alerts enrichment for custom fields, entity mapping, notebooks for investigations and hunting.

Forrester Research has named Microsoft Azure Sentinel as a “Leader” in the Forrester Wave™: Security Analytics Platform Providers, Q4 2020.

Learn more on the Security Blog and about Azure Sentinel.

5.1.5 Microsoft extends Secured-core to Windows Server 2022 and edge devices

Edge Secured-core, a new device label within the Azure Certified Device program, has been released to public preview. This label identifies edge devices that meet a defined set of security requirements.

The Secured-core label was previously announced for enterprise Windows devices. Now, enterprise customers seeking Internet of Things (IoT) devices that meet the Azure defined security bar can easily identify device models that have the Edge Secured-core label in the Azure Device Catalog. As part of this requirement, devices will have Azure Defender for IoT built in.

Windows Server 2022, now available in preview, supports the latest security innovations, hybrid capabilities with Azure and enhancements for modernizing applications.

This release brings Secured-core to Windows Server to help secure the systems that would run workloads on Windows Server 2022. Secured-core builds on technologies such as System Guard and Windows Server Virtualization-based Security to minimize risk from firmware vulnerabilities and advanced malware.

The new release also provides secured connectivity enabled by industry standard AES 256 encryption. Windows Server 2022 improves hybrid server management with enhancements to performance monitoring and event alerts in Windows Admin Center. Furthermore, this release includes significant improvements to Windows container runtime, such as virtualized time zones and IPV6 support for globally scalable apps, as well as containerization tools for .NET, ASP.NET and IIS applications.

Learn more about security and identity on the Security Blog.  

5.1.6 Microsoft 365 Defender updates expand Microsoft’s XDR solution

With updates to Microsoft 365 Defender now available in preview, Defender for Endpoint and Defender for Office 365 customers can now investigate and remediate threats from the single, integrated Microsoft 365 Defender portal. These updates are Microsoft’s latest step toward creating the most integrated extended detection and response (XDR) solution. Expanded capabilities and additional features now available in preview include:

  • Unified alerts, user and investigation pages for deep, automated analysis and simple visualization.
  • Extended email alert capabilities in a new email entity page. This provides a 360-degree view of email alerts, with relevant context.
  • A new Learning Hub where customers can leverage instructional resources with best practices and how-tos.

Learn more about security and identity on the Security Blog. 

5.1.7 Threat Analytics in Microsoft 365 Defender now in public preview

Threat Analytics, a set of reports from expert Microsoft security researchers that help customers understand, prevent and mitigate active threats, is now available in public preview for Microsoft 365 Defender. This release extends the proactive guidance of Microsoft security researchers, which had previously been available only in Defender for Endpoint.

The public preview began on Jan. 31, 2021.

Learn more about this update. 

5.2 Compliance

5.2.1 Microsoft 365 data loss prevention now in preview for Chrome and on-premises

Microsoft 365 is offering data loss prevention (DLP) for Chrome browsers and on-premises server-based environments (for example, file shares and SharePoint Server 2010/2013/2016), currently available in preview.

From the Microsoft 365 Compliance Center, customers can now extend DLP policies consistently across all their environments. DLP helps identify and prevent accidental sharing of sensitive data.

Learn more about this update.  

5.2.2 Microsoft 365 Insider Risk Management Analytics available in public preview

Microsoft 365 Insider Risk Management Analytics, which can identify potential insider risk activity within an organization and help inform policy configurations, will start rolling out to tenants in public preview this month.

With one click, customers can run a daily scan of their tenant audit logs, including historical activity, and leverage the Microsoft 365 Insider Risk Management machine learning engine to identify potential risky activity, with privacy built in.

Learn more on the Security Blog, Tech Community or Microsoft Docs.

5.2.3 Co-authoring of documents protected with Microsoft Information Protection now in preview

Co-authoring of documents protected with Microsoft Information Protection (MIP) is now available in preview. This enables multiple users to work simultaneously on MIP-protected documents.

MIP is a built-in, intelligent, unified and extensible solution to protect sensitive data in documents and emails across Microsoft 365 apps.

Learn more about this update. 

5.3 Identity

5.3.1 AWS Single Sign-On now available in Azure AD app gallery

AWS Single Sign-On (SSO), a cloud-based service that simplifies SSO access across multiple Amazon Web Services (AWS) accounts and resources, is now pre-integrated in the Azure Active Directory (Azure AD) app gallery. Customers can now quickly configure single sign-on and user provisioning to AWS SSO using the Azure AD app gallery.

This integration streamlines access to AWS resources and accounts. As a pre-integrated application in the Azure AD app gallery, AWS SSO can be quickly connected to Azure AD for centralized access management of AWS resources. End users can sign into AWS SSO using their Azure AD credentials to access all their assigned AWS resources.

Learn more about this update.

5.3.2 Azure Active Directory gets new capabilities to modernize authentication

Two new capabilities to be available this month will help customers unify their identity management with Azure Active Directory (Azure AD), which can reduce costs of managing multiple identity providers, strengthen security and provide end users with seamless access to all apps.

  • The AD Federation Services (FS) activity and insights report, available in the Azure portal, lets customers quickly identify which applications are capable of being upgraded to Azure AD. It assesses all AD FS applications for compatibility with Azure AD, checks for any issues and gives guidance on preparing individual applications for migration to Azure AD.
  • New secure hybrid access integrations enable admins to connect and protect their legacy applications, such as non-HTTP, LDAP and SSH apps, to Azure AD. Expanded partnerships include Silverfort, Datawiza, Perimeter 81 and Strata.

Learn more about this update.

5.3.3 Azure Active Directory passwordless authentication now generally available

Passwordless authentication in Azure Active Directory (Azure AD) is now generally available. Employees at organizations that activate passwordless authentication will no longer need to use passwords to sign into the network. Instead, they can sign in with a look or tap using Windows Hello for Business, Microsoft Authenticator app or compatible FIDO2 security keys from Microsoft Intelligent Security Association (MISA) partners (Yubico, Feitian, AuthenTrend and more). Azure AD also now enables configuration of policies for different users, groups and types of credentials, and provides reporting and APIs.

In addition, Temporary Access Pass, a time-limited code used for setup and recovery of a passwordless credential, has been released to public preview. With Temporary Access Pass, new network users receive a one-time password to log in and register their account and then register a passwordless credential, such as the Authenticator app, to use going forward. Temporary Access Pass can also be used to replace a lost credential or recover an account.

Learn more about security and identity on the Security Blog. 

5.3.4 Azure Active Directory releases two enterprise app management updates

Azure Active Directory (Azure AD) is releasing two enterprise app management updates that give admins more ways to secure and manage applications while simplifying employees’ access to the apps they need. Organizations can further consolidate their identity management infrastructure, enable access to apps from any devices and apply consistent conditional access policies to all applications.

  • Application Template API will be generally available this month. The Application Template API in Microsoft Graph allows admins and developers to programmatically manage applications in the Azure AD app gallery. This API allows admins and developers to list, search, update or create applications in the Azure AD app gallery via an API.
  • Admin Consent Workflow will be generally available this month. The Admin Consent Workflow gives admins a secure way to grant access to applications for users who require approval. When users try to access an application that requires admin consent, they can now send a request to admins during the sign-in flow. A public preview of Admin Consent Workflow was announced in September 2020.

Learn more on the Security Blog, and about App Template API or Admin Consent Workflow.

5.3.5 Azure Active Directory verifiable credentials to enter public preview

Azure Active Directory (Azure AD) verifiable credentials will be available in public preview in April 2021, and new partnerships with identity verification providers will improve verifiability and secure information exchange.

The verifiable credentials capability in Azure AD enables organizations to issue digital claims about identity attributes based on open standards. Individuals can manage credentials in the Microsoft Authenticator app and developers will be able to request and verify credentials via an application software development kit (SDK).

New partnerships with leading identity verification providers Onfido, Socure and others will improve verifiability and secure information exchange while protecting privacy for businesses, employees, contractors, vendors and customers.

In addition, new customer pilots include Keio University, government of Flanders and National Health Service in the United Kingdom.

Learn more about this update.

5.3.6 Azure Active Directory Application Proxy updates now available

New capabilities in Azure Active Directory (Azure AD) Application Proxy will enable organizations to consolidate their identity management infrastructure and apply consistent conditional access policies to all apps, allowing remote workers to connect more securely.

These new capabilities are:

  • General availability of support for header-based authentication in Azure AD Application Proxy to enable organizations to move header-based authentication apps from systems like SiteMinder and Oracle Access Manager, and natively connect them to Azure AD. A public preview was announced in December 2020.
  • App Proxy geo routing is now available in public preview. This feature allows customers to designate which region their App Proxy service connector group should use so that they can choose the same region their application is in with the service connector, improving performance and reducing the latency to the App Proxy service.

Learn more about these updates.

5.3.7 Azure Active Directory Conditional Access authentication context soon in preview

Azure Active Directory (Azure AD) Conditional Access authentication context is coming soon to public preview. Azure AD Conditional Access enables customers to configure and fine-tune their access policies with factors such as user, device, location and real-time risk information to control what a specific user can access, as well as when and how they can access it. App-triggered Confidential Access policies (authentication context), which enables additional access controls at the app level, has been released to public preview.

By enabling more granular security at the app level, authentication context lets organizations move away from one-size-fits-all controls and adopt more balanced policies that appropriately protect important information without unduly restricting access to less-sensitive content.

Learn more about this update.

5.3.8 Azure Active Directory External Identities will be generally available

Azure Active Directory (Azure AD) External Identities, a set of capabilities that enable organizations to secure and manage access for customers and partners, will be generally available beginning this month.

Customers can protect their business to business (B2B) and business to consumer (B2C) apps and users with adaptive, machine learning-driven security with Azure AD Identity Protection, plus flexible low-code/no-code customization and controls over the user experience.

Azure AD offers a single cloud-based platform for identity and access management. Customers can get started with External Identities with their first 50,000 monthly active users free, at any tier.

A public preview of External Identities was announced in May 2020.

Learn more about security and identity on the Security Blog.  

5.4 Investments in Security Skilling

5.4.1 New Security, Compliance and Identity certifications and content aim to close security skills gap

To help address the security skills gap, Microsoft has added four new Security, Compliance and Identity certifications with supporting training and has made several updates to the Microsoft Security Technical Content Library. These certifications and content are intended to help cybersecurity professionals increase their skilling knowledge and keep up with complex cybersecurity threats.

These new certifications with supporting training are tailored to specific roles and needs, regardless of where customers are in their skilling journey:

  • The Microsoft Certified: Security, Compliance, and Identity Fundamentals certification will help individuals get familiar with the fundamentals of security, compliance and identity across cloud-based and related Microsoft services.
  • The Microsoft Certified: Information Protection Administrator Associate certification focuses on planning and implementing controls that meet organizational compliance needs.
  • The Microsoft Certified: Security Operations Analyst Associate certification helps security operational professionals design threat protection and response systems.
  • The Microsoft Certified: Identity and Access Administrator Associate certification helps individuals design, implement and operate an organization’s identity and access management systems by using Azure Active Directory (Azure AD).

In addition, the Microsoft Security Technical Content Library contains new technical content and resources.

Learn more about these updates.

6. SKILLING AND CERTIFICATIONS 6.1 Training and Certifications Updates

6.1.1 New fundamentals certifications for Microsoft Dynamics 365 now available

Two new fundamentals certifications for Microsoft Dynamics 365 were announced in December 2020, and the corresponding beta exams were made available in February 2021. They are:

  • Microsoft Certified: Dynamics 365 Fundamentals Customer Engagement Apps Associate (CRM)
  • Microsoft Certified: Dynamics 365 Fundamentals Finance and Operations Apps Associate (ERP)

Learn more about the certifications for Customer Engagement and the Finance and Operations Apps Associate.

6.1.2 Microsoft Certifications renewal assessment now available for free on Microsoft Learn

Microsoft Certifications renewal is now available for free on Microsoft Learn to support individuals who want to keep their technical skills up to date.

This lets people spend more time building their technical skills and certifying their knowledge, while reducing the stress, complexity and costs associated with keeping certificates active. Anyone can renew their role-based and specialty certifications by passing an online renewal assessment at no cost.

To help learners prepare, optional curated learning content aligned to the renewal assessment is also available.

This update was previously announced in December 2020.

Learn more about this update.

6.1.3 New Microsoft Certification for Windows Virtual Desktop launching this month

A new certification for developers and IT administrators working on Windows Virtual Desktop is launching this month. The beta exam for the Microsoft Certified: Windows Virtual Desktop Specialty will be available to the public at the end of this month at a discounted rate. Once the beta exams are scored, the exam will be in general availability; those who have passed will have earned the Microsoft Certification. Learn more about this new certification.

Learn more about these updates.