Tech Tips, Tricks & Trivia

This Week I Learned -  *  Azure Cognitive Services Translator can transliterate /converts text in one language from one script to another script. * Gmail protects your email by making sure messages you send and receive are authenticated. Unauthenticated messages might be sent to spam. Gmail authenticates messages with SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC or Domain-based Message Authentication, Reporting, and Conformance.  * SPF specifies which hosts are allowed to send messages from a given domain by creating an SPF record. DKIM allows the sender to electronically sign legitimate emails in a way that can be verified by recipients using a public-key. DMARC helps mail administrators prevent hackers and other attackers from spoofing their organization and domain. Spoofing is a type of attack in which the From address of an email message is forged. A spoofed message appears to be from the impersonated organization or domain. * Messages that aren't

The 90-minute Pluralsight course SAP on Azure: The Big Picture provides a "just enough" backgrounder on SAP & options for hosting SAP workloads on major cloud providers, mainly Azure. My paraphrased notes -  Four common options with major cloud providers: HEC or HANA Enterprise Cloud is a bundled managed service from SAP covering SAP application management, infrastructure services & security services AWS is the first public cloud provider in the market to offer SAP in cloud Google Cloud Azure  AWS, Azure & Google Cloud can run the following SAP products: 1. SAP S/4 HANA – SAP HANA 2. SAP BW / SAP Hybris 3. SAP Business Suite / SAP Business One 4. SAP NetWeaver In addition to the above products, Azure can also run SAP HANA Enterprise Cloud, so you can get that SAP contract and still run your SAP instance on Azure.  SAP solutions on Azure can run on a variety of database such as: HANA, Oracle, SQL Server, or PaaS databases like Azure SQL, & CosmosDB Mod

Excerpts & paraphrased notes from the book  Oracle Autonomous Database for Dummies  (PDF, 83 pages) - An autonomous database is a cloud database that uses ML to eliminate the human labor associated with database tuning, security, backups, updates, and other routine management tasks.  It combines the dynamic agility of  the cloud with the intelligent responsiveness of applied, adaptive machine learning (ML).  The design goal is to make the database intelligent and self-reliant so as to minimize or eliminate human labor  — and associated human error  — and ensure data safety and optimal performance. The core attributes of Autonomous Database  — self-driving, self-securing, and self-repairing . At startup, it automatically establishes a triple-mirrored scale-out configuration in one regional cloud data center, with an optional full standby copy in another region. By applying software updates in a rolling fashion across nodes of the cluster, it keeps the application online during upda

This Week I Learned -  * IT admins will be able to access the new Log4j exploit detection solution via Microsoft Sentinel Content Hub. *  Custom neural voice , a feature of Azure Cognitive Services for Speech, is a great way to create a highly natural synthetic voice that sounds almost identical to your voice actor.  *  Log4j records events - errors and routine system operations - and communicates diagnostic messages about them to system administrators and users. Log4Shell is part of the software supply chain. Like physical objects people purchase, software travels through different organizations and software packages before it ends up in a final product. When something goes wrong, rather than going through a recall process, software is generally "patched," meaning fixed in place. Log4Shell works by abusing a feature in Log4j that allows users to specify custom code for formatting a log message.  One of the major concerns about Log4Shell is Log4j's position in the softwar

This Week I Learned -  * A failover cluster requires that more than half of its nodes are running, a condition known as having quorum. If the cluster has just two nodes, a network partition could cause each node to think it's the primary node. In that case, you need a witness to break ties and establish quorum. A witness is a resource such as a shared disk that can act as a tie breaker to establish quorum. Cloud Witness is a type of witness that uses Azure Blob Storage. The Azure Blob Storage must use Zone Redundant Storage (ZRS) to be unaffected by a zone failure. * If you choose Azure SQL DBaaS, you can reduce costs because you don't need to configure an Always On availability group and domain controller machines. There are several deployment options starting from single database up to managed instance, or elastic pools. * You're charged only for the number of configured load-balancing and outbound rules. Inbound NAT rules are free. There's no hourly charge for the A

Kishore Kumar: Method in Madness  by Derek Bose is a very engaging and well-written biography of the versatile entertainer who was not trained in music but whose work lives on & regales the masses. Each of the ten chapters of the book is about the different roles Kishore Kumar has played in a magnificent career spanning forty years. Starting as an actor at 19, he went to sing , compose, perform in stage shows, produce & direct films while being hugely popular in all the roles.  Kishore Kumar as we know him now was born on August 4, 1929 in Khandwa, a tiny township in the central Indian province of Madhya Pradesh.  A funny anecdote from the book as narrated by his elder brother Ashok Kumar about Kishore's early days:  "As a child his voice was very shrill. His speech too, was not clear as he was often down with cough and cold. But he was very fond of singing. It was more like screeching than singing. I was trained in classical music and used to sing regularly. But for K

This Week I Learned -  * To prevent apps from starting automatically, disable startup apps by moving all icons and shortcuts from the Startup folder (OSDisk\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp) to another folder. * Azure Site Recovery replicates data to an Azure storage account or managed disks, over a public endpoint. Replication isn't over a site-to-site VPN. When you replicate to Azure, replication traffic reaches the public endpoints of an Azure Storage. Thus you can only replicate over the public internet or via ExpressRoute (Microsoft peering or an existing public peering). You can use the pricing calculator to estimate costs while using Site Recovery. For detailed estimate on costs, run the deployment planner tool for VMware or Hyper-V, and use the cost estimation report .  When you use Site Recovery, you incur charges for the Site Recovery license, Azure storage, storage transactions, and outbound data transfer . * Azure Site Recovery compresses the d

Gartner defines the privileged access management (PAM) market as a foundational security technology to protect accounts, credentials and operations that offer an elevated (“privileged”) level of access.  PAM tools control privileged access for machines (systems or applications) for internal or machine-to-machine communication, and for people who administer or configure systems and applications. The capabilities of PAM include: Discovery of privileged accounts across multiple systems, infrastructure and applications Credential management for privileged accounts Delegation of access to privileged accounts Session establishment, management, monitoring and recording for interactive privileged access Controlled elevation of commands Secrets management for applications, service and devices Privileged task automation (PTA) Remote privileged access for workforce and external users Gartner's evaluation - Leaders: Cyber Ark BeyondTrust Centrify Thycotic One Identity ARCON Challengers: senha

This Week I Learned - *  17 Lessons Learned Migrating SAP to the Cloud  [PDF], Published: July 2021 * A Local Zone is an extension of an AWS Region in geographic proximity to your users. Local Zones have their own connections to the internet and support AWS Direct Connect, so that resources created in a Local Zone can serve local users with low-latency communications. * Wavelength Zones allow developers to build applications that deliver ultra-low latencies to 5G devices and end users. Wavelength deploys standard AWS compute and storage services to the edge of telecommunication carriers' 5G networks. *  The flowcharts in the official Google Cloud documentation compiled in a single article * Oracle Cloud Infrastructure's Autonomous Database is a fully managed, preconfigured database environment with four workload types available, which are: Autonomous Transaction Processing, Autonomous Data Warehouse, Oracle APEX Application Development, and Autonomous JSON Database. An autonom

Multi‑cloud and hybrid‑cloud are often used synonymously, but there is in fact a difference. Various perspectives & explanations - Microsoft - A hybrid cloud is a type of cloud computing that combines a private cloud (on-premises infrastructure), with a public cloud (computing services offered by third-party providers over the public internet). The hybrid cloud is evolving to include edge workloads. Multicloud computing refers to the use of multiple cloud computing services from more than one cloud provider (including private and public clouds), in a heterogeneous environment .  Google - Within the context of Google Cloud, the term hybrid cloud describes a setup in which common or interconnected workloads are deployed across multiple computing environments, one based in the public cloud, and at least one being private.  The term multi-cloud describes setups that combine at least two public cloud providers, as in the following diagram. A multi-cloud setup might also include priv