Search the Community
Showing results for tags 'cloud services'.
Does Redmond have a reliability problem? Comment Microsoft has fixed an issue with its OneDrive and SharePoint services where users were unable to sign in, caused by a faulty remediation for the earlier Azure Active Directory outage. "We're investigating an issue affecting access to multiple Microsoft 365 services. We're working to identify the full impact," said a Microsoft 365 status tweet at around 10:45pm last night GMT. It was a reference to a major outage across the company's cloud services, beginning perhaps 20 minutes earlier, including both Microsoft 365 and some Azure services. The incident continued for hours until around 3:20am today when Microsoft reported that "the majority of services are now recovered for most users". The core service affected was Azure Active Directory, which controls login to everything from Outlook email to Teams to the Azure portal, used for managing other cloud services. The five-hour impact was also felt in productivity-stopping annoyances like some installations of Microsoft Office and Visual Studio, even on the desktop, declaring that they could not check their licensing and therefore would not run. There are claims that the US emergency 911 service was affected, which is not implausible given that the RapidDeploy Nimbus Dispatch system describes itself as "a Microsoft Azure–based Computer Aided Dispatch platform". If the problem is authentication, even resilient services with failover to other Azure regions may become inaccessible and therefore useless. The company has yet to provide full details, but a status report today said that "a recent configuration change impacted a backend storage layer, which caused latency to authentication requests". Status tweets allow us to track some of the developments. 11:36pm: "We've rolled back the change that is likely the source of impact." 11:49pm: "We're not observing an increase in successful connections after rolling back a recent change." 12:48am: "We're rerouting traffic to alternate infrastructure to improve the user experience." 1:40am: "We're seeing improvement for multiple services after applying mitigation steps." It was not completely over even after the main outage was fixed. Microsoft reported today via the Admin Center that "some users were unable to access SharePoint Online or OneDrive for Business" between 7:20am and 11:52am UK time. The problem was that "a change put in place to mitigate impact during the recent AAD outage caused this issue". Microsoft added: "We're reviewing our deployment and provisioning procedures to help prevent similar problems in the future." Every IT administrator will feel sympathy for the engineers working under stress to fix issues that have such wide consequences. "We acknowledge the unfortunate reality that – given the scale of our operations and the pace of change – we will never be able to avoid outages entirely," said CTO Mark Russinovich on 17 August. Subsequent events proved the truth of those words, especially in the UK, where a major Azure data centre suffered an outage only two weeks ago. Outages may be inevitable, but nevertheless Microsoft has some hard questions to answer. Measuring cloud reliability is non-trivial since what matters is not the number of outages but their extent and impact. Microsoft seems to have more than its fair share of problems. Gartner noted recently that it "continues to have concerns related to the overall architecture and implementation of Azure, despite resilience-focused efforts and improved service availability metrics during the past year". The analyst's reservations were based in part on the low ration of availability zones to regions, and that "a limited set of services support the availability zone model". Gartner's concerns are valid, but this was not the cause of the recent disruption. Bill Witten, identity architect at Okta, was to the point, commenting: "So, does everyone get why the mono-directory is not a good idea?" Microsoft has built so much on Azure Active Directory that it is a single point of failure. The company either needs to make it so resilient that failure is near-impossible (which is likely to be its intention), or consider gradually reducing the dependence of so many services. The recent outages are an embarrassment for the company, coming so soon after the Ignite online conference. Microsoft does not talk about it much, but it is perhaps the single biggest issue facing its cloud ambitions and ability to continue its catch-up effort with AWS. Source
steven36 posted a topic in Security & Privacy NewsField-programmable gate arrays (FPGAs) are, so to say, a computer manufacturer’s “Lego bricks”: electronic components that can be employed in a more flexible way than other computer chips. Even large data centers that are dedicated to cloud services, such as those provided by some big technology companies, often resort to FPGAs. To date, the use of such services has been considered as relatively secure. Recently, however, scientists at Karlsruhe Institute of Technology (KIT) uncovered potential gateways for cyber criminals, as they explain in a report published in the IACR journal. (DOI: 10.13154) While conventional computer chips mostly perform a very specific task that never changes, FPGAs are capable of assuming nearly every function of any other computer chip. This often makes them first choice for the development of new devices or systems. “FPGAs are for example built into the first product batch of a new device because, unlike special chips whose development only pays off when produced in high volumes, FPGAs can still be modified later,” says Dennis Gnad, a member of the Institute of Computer Engineering (ITEC) at KIT. The computer scientist compares this to a sculpture made from reusable Lego bricks instead of a modeling compound that can no longer be modified once it has hardened. Therefore, the fields of application of these digital multi-talents span the most diverse sectors, such as smartphones, networks, the Internet, medical engineering, vehicle electronics, or aerospace. Having said that, FPGAs stand out by their comparatively low current consumption, which makes them ideally suited for the server farms run by cloud service providers. A further asset of these programmable chips is that they can be partitioned at will. “The upper half of the FPGA can be allocated to one customer, the lower half to a second one,” says Jonas Krautter, another ITEC member. Such a use scenario is highly desirable for cloud services, where tasks related e.g. to databases, AI applications, such as machine learning, or financial applications have to be performed. Multiple-user access facilitates attacks Gnad describes the problem as follows: “The concurrent use of an FPGA chip by multiple users opens a gateway for malicious attacks.” Ironically, just the versatility of FPGAs enables clever hackers to carry out so-called side-channel attacks. In a side-channel attack, cyber criminals use the energy consumption of the chip to retrieve information allowing them to break its encryption. Gnad warns that such chip-internal measurements enable a malicious cloud service customer to spy on another. What is more, hackers are not only able to track down such telltale current consumption fluctuations – they can even fake them. “This way, it is possible to tamper with the calculations of other customers or even to crash the chip altogether, possibly resulting in data losses,” Krautter explains. Gnad adds that similar hazards exist for other computer chips as well. This includes those used frequently for IoT applications, such as smart heating control or lighting systems. To solve the problem, Gnad and Krautter adopted an approach that consists in restricting the immediate access of users to the FPGAs. “The challenge is to reliably filter out malicious users without tying up the legitimate ones too much,” says Gnad. Source
steven36 posted a topic in Technology News(Reuters) - Microsoft Corp and Oracle Corp on Wednesday said they reached an agreement to make their two cloud computing services work together with high-speed links between their data centers, targeting big business users and uniting against cloud computing leader Amazon.com’s Amazon Web Services. The two companies said the high-speed link between their data centers would start with facilities in the eastern United States and spread to other regions. They will also work together to let joint users log into to services from either company with a single user name and get tech support from either company. The move comes as both Oracle and Microsoft are courting large businesses and government customers considering moving computing tasks currently handled in their own data centers to cloud providers. “With Oracle’s enterprise expertise, this alliance is a natural choice for us as we help our joint customers accelerate the migration of enterprise applications and databases to the public cloud,” Microsoft’s cloud chief Scott Guthrie said in a statement. AWS, the largest cloud computing provider, is encroaching on many of those customers, including in Oracle’s historical stronghold in the database market. “With this alliance, our joint customers can migrate their entire set of existing applications to the cloud without having to re-architect anything, preserving the large investments they have already made,” Don Johnson, executive vice president of Oracle’s cloud infrastructure unit, said in a statement. Microsoft has previously inked a deal with German software maker SAP SE and Adobe Inc to make their services work better together. Ed Anderson, an analyst with research firm Gartner, said the move was a clear “jab” at AWS, especially for Oracle. “It’s no secret that Oracle views AWS as a major competitor in the database market,” he said. Anderson also said there remained some unanswered questions about the deal, such as whether customers would face data transfer fees for moving large amounts of information back and forth between services. But overall, Anderson said the move would likely benefit the companies by helping their pitch to large businesses already using services from both. “It’s a great way for both companies to be able to hitch their cloud offerings together,” Anderson said. Source