I’ve had a bunch of folks asking me lately on how our Windows Azure platform works “under-the-hood” (for example, the fabric controller) and about data center security.  If your interested in either, there are two publically available resources which give you quite a bit of insight, which I will direct you to:

A PDC 2008 session by Erick Smith and Chuck Lenzmeier talk to a good majority of the nuts & bolts:

Learn about the internal service management system and virtualization technologies responsible for monitoring, configuring, and lifecycle management of the cloud computing environment. Hear about the mechanisms used to deliver self-healing, dynamic scaling, and auto-deploying cloud computing data centers.

Under the Hood- Inside the Windows Azure Hosting Environment pdc2008 

For the security side, there is a great whitepaper out on our Global Foundation Services website, which I feel is a must-have for larger enterprises looking to leverage our platform:

Securing Microsoft's Cloud Infrastructure

Yes, that’s right, we’ve gone ahead and enabled two very cool and sought after features today: In-Place Upgrade and the Service Management APIs.

In-Place Upgrade enables you to incrementally roll a new version of your service over the existing version without first deploying the new version to staging. With this new mechanism, you can upgrade your entire application or just a single role (e.g. web role) without disturbing the other roles in your application. Note that you will still have the option to upgrade as before, by first deploying the new version to staging and then swapping it with the production deployment. (What we informally call “a VIP swap”.)

To ensure application availability during an in-place upgrade, Windows Azure stops only a subset of your instances at a time to upgrade them, while keeping the remaining instances running. To achieve this, Windows Azure logically partitions your application into “upgrade domains” and updates one domain at a time. During the Community Technology Preview, Windows Azure uses two upgrade domains for each application. This means that half of your role instances will be offline at a time during an in-place upgrade. In the future, you will be able to choose how many upgrade domains you want.  This is a very important concept for platform users, and one we will be expounding upon in the coming months, so now is a really good time to try it out and let us know what you think.  

Read more on the Windows Azure Team blog about In-Place Upgrade.

 The Service Management APIs help you manage your deployments, hosted services and storage accounts. This is a REST-based API which users can code against in their toolset of choice to manage their services.  Now you can easily view, create, delete, swap, modify configuration settings, changing instance counts, and update your deployments. Furthermore, you can listing and view properties for hosted services, storage accounts and affinity groups.  There is also a new tool called csmanage.exe to help you interact with the Service Management API and manage your deployments. You can find csmanage.exe along with other samples on the Windows Azure Team Blog Service Management APIs post.

All of the online Windows Azure SDK on MSDN has the latest and greatest info on the new features, so make sure you bookmark it and keep it handy.

Don’t forget, if you are currently using the CTP that is live, you will need to be cognizant that your current token is limited for the number of roles and role instances you may spawn.  The good news is, at commercial release this limitation will no longer be in place, and you can REALLY rock-on with these APIs. :)

Have a good one!

-E-

o Data centers we have built from the ground up: Those are Quincy, Washington and San Antonio, Texas.

o Data centers currently under construction: Those are Dublin, Ireland and Chicago, Illinois.

· How we choose future data center locations: When choosing future data center sites, we take into account over 35 weighted criteria in our “global heatmap,” including close proximity to an ample power source and fiber optic networks, a large pool of skilled labor, affordable energy rates, tax, and to determine the long-term viability of each site.

· Broad financial figures on data centers: We have only announced our expenditures on the data centers listed above that we have built from the ground up, and those figures aren’t necessarily indicative of all of our data center investments.

· The Microsoft data center strategy: Our strategy is focused on smart growth, measurable efficiency and global trust.

o Smart Growth: Smart growth means judiciously adding data centers and capacity within those data centers when and where we need them based on the demands of the customers of our online services. One of the ways we do this is by using new technology that enables us to scale quickly as needed. The technology we’re focused on for flexible growth right now is containers.

o Measurable Efficiency: When you’re managing an infrastructure of hundreds of thousands of servers it is essential that you run it efficiently. The first thing you need to do in this regard is to constantly measure, and then with that data make sure you make the right power and performance tradeoffs as you focus on uptime, availability, performance, and power usage. Everything has to be manageable – from the supply chain to the servers to the network -- and it has to be built to operate with great processes every day. Furthermore, you need to apply technology for efficiency both in architecting services to run efficiently and in applying breakthrough technologies such as virtualization.

o Global Trust: When customers think about trust, they tend to think security and privacy. But Microsoft thinks of trust more broadly: Our goal is to keep our customers’ data and our sites secure from attack and also safeguard our customers’ personally identifiable information. We must be available and reliable when customers need us, providing performance they can count on. And we need to deliver our products in the language they want, with special market considerations when appropriate – (e.g. mobile).

· Sustainability efforts: We are focused on integrating the latest innovations in technology and building techniques to maximize efficiencies and utilize alternative energy sources when and where possible to improve our Power Usage Effectiveness (PUE) and overall impact on the environment. As updated technology and techniques are developed, we make constant adjustments to our existing and new facilities, as well as our processes, to continue to improve our effectiveness.

· Amount of power we use: When asked, Microsoft’s power consumption is between 30 and 50 percent better than the global industry average for traditional facilities. At Microsoft, we believe that it is important to track and monitor an average PUE across all of our data centers (no matter how small or how old) in order to truly understand how well our data center operations are under control, and to allow us to make the right business decisions.  Our current annual global average PUE is 1.60.

  · Azure Services Platform in our data centers: Windows Azure is an Internet-scale cloud services platform (with an integrated development, service hosting, and management environment) maintained in Microsoft data centers. This environment includes a robust and efficient core of compute and simple storage capabilities and support for a rich variety of development tools and protocols. Windows Azure provides developers with on-demand compute and storage to host, scale, and to manage web applications in Microsoft data centers.

· Windows Server 2008 in our data centers: Windows Server 2008 is the operating system of choice for both on-premises data center applications and hosting applications in the cloud. Windows Azure is built on Windows Server 2008.

· Windows relevancy to the new Azure Services Platform for cloud computing: Windows Azure is built on Windows Server 2008. For years, Windows has connected thousands of peripherals and partners to the PC ecosystem. Now, as the power of devices increases and the ubiquity of the web unfolds, Microsoft is delivering on its Software + Services strategy by building platforms, tools, infrastructure, and solutions to enable new kinds of applications and services that extend from the server, to the data center, to the cloud – and from the browser, to the PC, to the phone and beyond. Windows Server 2008 is the operating system of choice for both on-premises data center applications and hosting applications in the cloud.

· SQL Data Services (SDS) in our data centers: Customers can use SQL Data Services to store virtually any amount of data in the cloud. SDS is stored in large storage clusters in Microsoft data centers located across North America. Microsoft also plans to offer the service from international locations such as Europe and Asia. Users can group their data into authorities, which are affiliated with specific data centers and therefore provide control over the geographic location of the data for reduced latency.

· Microsoft Online Services in our data centers: Delivers enterprise-class software as subscription services to businesses of all sizes hosted by Microsoft and sold with partners. This includes Microsoft Exchange Online, Microsoft Office SharePoint Online, Microsoft Office Live Meeting, Exchange Hosted Services, Microsoft Dynamics CRM Online, and soon – Microsoft Office Communications Online.

· Generation 4 Modular Data Center Vision: The concept behind the modular data center builds on the innovation deployed at our Chicago data center, which will house shipping containers packed with up to 2,500 servers each.  Container facilities help ensure that server capacity meets customer demands, reduce the likelihood of overcapacity, and reduce the time to build a data center from 24 to 12 months. Our “Gen 4” modular data centers will take the flexibility of containerized servers and apply it across the entire facility, which will be composed of modular “building blocks” of prefabricated mechanical, electrical and security components, in addition to containerized servers. These facilities can be built incrementally as capacity grows and deployed in only three to six months, reducing capital costs by 20% to 40%. Modular data centers will be scalable and sustainable, ensuring that our global footprint is only as big as capacity demands that it be. All information that can be shared publicly is posted on the GFS data center team blog posted here that outlines Microsoft’s vision of the foundation of our cloud data center  infrastructure in the next five years. A cool video is posted here.

· Security and Privacy: Microsoft endeavors to protect the privacy and security of our customers.  We comply with all applicable privacy laws, and we follow the privacy practices outlined in the Microsoft Online Privacy Statement.  Microsoft is committed to protecting the security of your personal information. We use a variety of security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosure. For example, we store customer information on computer systems with limited access, which are located in controlled facilities. When we transmit highly confidential information over the Internet, we protect it through the use of encryption. All information that can be shared is posted on the GFS web site’s security page here.

So, as you can see, it’s all about Data.  :)

Online safety and protection from Internet fraud continue to be top concerns worldwide as individuals face new challenges in a “Web 2.0” world. To address these concerns, we’ve produced a new set of online safety materials and revamped our online safety Web site -- all updated for Web 2.0.  

Today’s exciting new opportunities in the online world also bring concerns about issues like securing online information, communicating through social networks, and reducing the risks of cyberbullying to children. Our new “Smarter Online = Safer Online” series of brochures addresses each of these concerns and more.   We’ve also completed a full redesign of our Online Safety Web site at www.microsoft.com/protect. This site is designed to help parents, caregivers, and educators find the latest information including articles, comics, and other resources that address online safety.

Our top-level messages for consumer audiences—which include families, seniors, educators, governments, and NGOs, among others—are as follows:

• The Internet is an extraordinary catalyst for innovation, education, and expanding global economic growth—but it is continuously threatened by ever more sophisticated kinds of vandalism, harassment, and outright criminality.
  
• At Microsoft, our customers’ computer security, privacy and online safety are top priorities.
  
• Educated consumers are the first and most effective line of defense against the inherent risks in a rapidly changing digital world. Microsoft is making progress in these areas with a three-pronged strategy that involves:

1. Empowering consumers to take computer security, online safety, and privacy protection into their own hands by providing the education and resources they need to best protect themselves, their families and their devices.
2. Technological innovations that incorporate security into the software development process from the ground up.
3. Leadership and collaboration with government, industry, law enforcement, and educators to help foster a culture of online safety.

• We believe the full promise of the Internet will best be realized in an environment of self-regulation. However, when legislation is necessary to help protect our most vulnerable citizens or secure the integrity of the Internet itself, it should take into account the rapidly changing nature of information technology and promote laws that support innovation and progress.

The “Smarter Online = Safer Online” brochure series is now available. This US–English packet — including 13 topical online safety brochures, provides Microsoft’s guidance on many computing and Internet issues facing consumers today and serves as a valuable resource for consumers, community leaders, and policymakers.  The brochures can be used as standalone pieces or in their entirety to engage with interested parties. Please visit http://www.microsoft.com/protect/ to download this and other content. For your convenience, we have provided files in formats that can be easily modified to suit specific locations or languages.

Check out our newly redesigned Online Safety Web site. This site replaces the Security for Home Users site, and is designed for families, new users, educators and non-government organizations to find the latest information on a number of online safety topics.  New features on the site include:

Resources section – including safety brochures and event planning guides

Community section – featuring online forums and top safety bloggers

Educational comics – covering topics such as cyber-bullying and privacy

Videos – safety PSA and other educational materials

We have a collection of new issue summaries for our Government audiences with regards to online safety education legislation.

Mandatory Online Safety Education One Pager

Mandatory Online Safety Education Presentation

Online Safety Education Model Legislation

Teacher's Guide to Online Safety Education One Pager

Teacher's Guide to Online Safety Education Presentation

The YouTube channel hosts MSFT Online Safety Public Service Announcements (PSAs) – Please note we will be adding our other languages to the channel very soon!

Finally, for folks located on the Seattle Eastside,  if your civic group, school, or business has a group of 15 or more, and are interested in hosting an Online Safety event, please contact me for more information.  I regularly present our Online Safety and Security messaging as part of our Microsoft Official Security Team, and am a also an i-SAFE certified presenter.

Remember, Online Safety starts with You!