This article is contributed. See the original author and article here.
Although the pandemic exposed our supply chain fragilities, there are other factors that will continue to disrupt our supply chains for the foreseeable future. Geopolitical tensions between world superpowers are forcing companies to change how they trade, source, and manufacture goods, so redesigning your supply chain networks or setting up new supply chains to gain resilience is a common theme we will continue to see over the next few years. Global economies are inching towards recession partly due to the prolonged and ongoing pandemic which will increase cost pressures on businesses, and we all know gaining resilience while reducing costs is just extremely difficult. It will require us to improve our agility and pivot and adapt to changing customer and business needs.
Increase resilience with a predictive supply chain.
Manufacture and operate sustainably with minimal waste.
Transform work with advanced warehousing and robotics.
Microsoft’s supply chain experts will also deliver the must-have insights, strategies, and frameworks for chief supply chain officers (CSCOs) and supply chain leaders to think big, make bold moves, and drive real impact within their organizations1 on June 6, 2022 at 4:00 PM Eastern Time in the Southern Hemisphere II auditorium.
We hope to catch up with you and your teams at the event. Register and attend our session (see details below) for cutting-edge thought leadership about supply chain technology solutions.
Microsoft: CSCO’s role in digitally transforming supply chains with a composable approach
With growing supply chain complexities, leaders need a clear digital transformation strategy that drives visibility across the entire value chain, improves flexibility to meet customer demands, and decreases operational costs. In this session, we will share a new approach to deploying transformative supply chain technologies bespoke to your business by adopting composable characteristics without having to replace your existing supply chain solutions. The composite architecture enables accelerated time-to-value through better interoperability and data harmonization to create a resilient supply chain.
Let’s look at some of the benefits of a composable enterprise.
Composability enables circular manufacturing to advance sustainability initiatives
It’s paramount for enterprises to operate more sustainably. Most organizations have a goal to reduce and offset carbon emissions, including Microsoft. One of the ways to operate sustainably is to drive circularity. Essentiallyinstead of throwing away goods at the end of their life, finding ways to reuse or recycle them to reduce carbon emissions. To achieve circularity, businesses can customize their enterprise resource planning (ERP) systems to orchestrate new business processes. A composable system allows you to use low code to customize them easily.
Our own Microsoft Circular Centers have a unique process to optimize warehouse routing and management system to process decommissioned servers from Microsoft datacenters. There were no reverse logistics solutions that were suitable for the circular centers out of the box. By leveraging the low code Microsoft Power Platform solutions, Dynamics 365 was extended to build a reverse logistics solution that helped reuse, resale, and recycle the decommissioned data center assets. This is one of the ways that puts Microsoft on the path to achieving its sustainability goals by 2030. The outcome of this program has exceeded expectations. Our pilot circular center has been able to reuse 83 percent of critical parts and has reduced carbon emissions by 145,000 metric tons of CO2 equivalent.
This embed requires accepting cookies from the embed’s site to view the embed. Activate the link to accept cookies and view the embedded content.
The future of business applications is composable. According to Gartner, “those that have adopted a composable approach will outpace their competition by 80 percent in the speed of new feature implementation.”2 A composable business consists of modular building blocks that can be rapidly connected and orchestratedallowing organizations to adapt operations and processes to changing market conditions, new business opportunities, and unpredictable disruptions. Composable ERP solutions are, among other things, cloud-based platforms that scale without limits, leverage a modern open system architecture to reduce implementation time, and usually incorporate low-code/no-code interfaces to improve usability and customization.
One of the companies reaping the benefits of Dynamics 365 Supply Chain Solutions is Tillamook. Tillamook County Creamery Association is a farmer-owned cooperative based in Tillamook, Oregon, founded in 1909 and owned by about 80 farming families. While best known for its cheese, it has introduced more new dairy products in the past five years than in the previous fifty. At the same time, Tillamook has expanded nationally, and its products can now be found across the United States.
To support its growth and expansion, Tillamook needed a modern solution to scale and enter new distribution and sales markets. This led them to migrate to Dynamics 365 apps for Finance and Supply Chain Management. Tillamook had just begun its ERP modernization journey when the global pandemic disrupted demand and supply almost instantly. Yet despite being live for only four months, once COVID-19 spiked demand for groceries as people ate more at home, Tillamook was able to leverage the flexibility of Dynamics 365 to adapt quickly to new business needs.
“There’s been this thing with ERP over the past few years where you avoid customizations to the software so that you can take upgrades. That’s a thing of the past with Dynamics 365. You can modify the system to meet your unique business processes, adjust the logic and configure, and it still takes the updates seamlessly. We have some unique processes here with our complex supply chain, and we’ve been able to modify the system and still take those upgrades.“Travis Pierce, Director of Information Technology, Tillamook.
Enhance visibility with digital supply chain solutions
Today, manufacturers, distributors, and retailers can use the right digital supply chain solutions to build or enhance the real-time visibility required to move from reactive decision-making to predictive and proactive decision-making. To maximize operational efficiency, product quality, and profitability, they need to unify data across order fulfillment, planning, procurement, production, inventory, warehousing, and transportation.
Supply chain leaders know that the earlier potential disruptions and constraints are identified, the more successful the measures to adapt and overcome them can be. Modern improvements in technology, such as applying AI and machine learning to complex data sets, are giving businesses the insight and agility to deploy processes and systems that generate and proactively shape customer demand. These solutions also allow companies to sync and balance supply to demand by continuously optimizing production operations and distribution networks. With real-time, end-to-end visibility across the supply chain, organizations can sense, predict, and adapt to constraints and disruptions at the earliest possible opportunity.
Take the Supply Chain Visibility Guided Tour to see how a retailer can enhance supply chain visibility using Dynamics 365. The composable architecture of Dynamics 365 enables businesses to incrementally add functional capabilities that will make their supply chains more resilient without having to replace their legacy systems.
See you at Gartner Supply Chain Symposium XPOTM 2022
Supply chains continue to evolve through the current post-pandemic shift. As they do, Microsoft is committed to empowering every person and organization on the planet to achieve more. We hope you will join us at Gartner Supply Chain Symposium XPOTM 2022 by either catching our session or engaging with one of our supply chain experts. If you are unable to attend this year but are interested in learning how to start optimizing your supply chain, you can get started with a demo today or check out our webinar Create Agile and Digital Supply Chains with Dynamics 365.
GARTNER and SUPPLY CHAIN SYMPOSIUM/XPO are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.
This article is contributed. See the original author and article here.
Atlassian has released a security advisory to address a remote code execution vulnerability (CVE-2022-26134) affecting Confluence Server and Data Center products. An unauthenticated remote attacker could exploit this vulnerability to execute code remotely. Atlassian reports that there is known exploitation of this vulnerability.
There are currently no updates available. Atlassian is working to issue an update. CISA strongly recommends that organizations review Confluence Security Advisory 2022-06-02 for more information. CISA urges organizations with affected Atlassian’s Confluence Server and Data Center products to block all internet traffic to and from those devices until an update is available and successfully applied.
This article is contributed. See the original author and article here.
CISA has added one new vulnerability—CVE-2022-26134—to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on the arrow on the of the “Date Added to Catalog” column, which will sort by descending dates.
There are currently no updates available. Atlassian is working to issue an update. Per BOD 22-01 Catalog of Known Exploited Vulnerabilities, federal agencies are required to immediately block all internet traffic to and from Atlassian’s Confluence Server and Data Center products until an update is available and successfully applied.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the Catalog that meet the meet the specified criteria.
This article is contributed. See the original author and article here.
In September 2020, we announced that the next version of Exchange Server would be available in the second half of 2021 via a subscription model and that it would include support, product updates, security updates, and time zone updates. Unfortunately, 2021 had other plans for Exchange Server. In March 2021, we confronted a serious reality: state sponsored threat actors were targeting on-premises Exchange servers.
We strongly believe that close partnerships with security researchers help make customers more secure, so we also launched a security vulnerability bounty program for Exchange Server and other Office Server products via the Microsoft Applications and On-Premises Servers Bounty Program. Individuals across the globe can now receive monetary rewards for submitting security vulnerabilities found in Exchange Server, as detailed on the program web site.
While we continue to focus on security, we are now also ready to share our long-term roadmap for Exchange Server.
Roadmap Update
We have made changes to our Exchange Server roadmap since our September 2020 announcement, and today we’re excited to share those updates with you. We know that customers and partners have reasons to run Exchange Server, and we are committed to supporting them.
We have moved the release date for the next version of Exchange Server to the second half of 2025. The next version will require Server and CAL licenses and will be accessible only to customers with Software Assurance, similar to the SharePoint Server and Project Server Subscription Editions. We will provide more details on naming, features, requirements, and pricing in the first half of 2024.
We will maintain the current support dates for Exchange Server 2013, Exchange Server 2016, and Exchange Server 2019; however, we plan to support the next version of Exchange Server beyond October 14, 2025. We are moving the next version of Exchange Server to our Modern Lifecycle Policy, which has no end of support dates. We plan on continuing to support Exchange Server as long as there is substantive market demand.
Two of the main challenges in previous versions of Exchange Server with respect to upgrading to the next version are that (1) the next version has historically had greater hardware requirements than the previous version, and (2) customers always had to move mailboxes from the old version to the new version. We are addressing these challenges in the next version by introducing the ability to do an in-place upgrade from Exchange Server 2019. This means that you may not have to acquire new hardware or move mailboxes, and that upgrading to the next version will—by design—be much easier than previous upgrades.
With our H1 2022 CU release, we added some new features to Exchange Server 2019 (including one that might allow you to shut down your last Exchange server), we added the hybrid server license at no additional charge, and we’re adding even more features, as detailed below.
Investments in Exchange Server 2019
A key element of the Exchange Server roadmap is our investment plans for Exchange Server 2019, which we are excited to share with you today. Over the coming months and years, we will be adding features to Exchange Server 2019, and we’ll continue to support regulatory and data privacy requirements. Our continued investment in Exchange Server 2019 allows us to deliver improved security, deployment and management capabilities, and reliability—the attributes our customers tell us they need most from Exchange Server.
Security Investments
Exchange servers often contain the most sensitive company data, and they host the company address book, which is why it is critical to protect these servers and this data. So, we’re continuing to focus on Exchange Server security, and we’re making several security-related investments.
Modern Authentication Update
Historically, Exchange Server has used Basic authentication (also known as legacy authentication) for client/server and server/server connections. Basic authentication is an outdated industry standard, and it is imperative for organizations to transition away from it as quickly as possible, to reduce attack surfaces and needless risk.
We have been working to deprecate Basic authentication in Exchange Online, and to transition users to something more secure: OAuth 2.0-based authentication, or what we call Modern authentication. OAuth 2.0 is the industry-standard protocol for authorization.
In about 120 days, on Oct 1, 2022, we’re going to start turning off Basic authentication for specific protocols in Exchange Online for those customers still using it. If you are an Exchange Online or Exchange hybrid customer, be sure to read our latest announcement to learn what you need to do to prepare for this change.
Modern authentication enables stronger authentication features, like multi-factor authentication (MFA), smart cards, certificate-based authentication, and third-party security identity providers. Among the many benefits and improvements in modern authentication is that it helps mitigate the security issues with Basic authentication. For example, enabling Modern authentication is an important step toward protecting your organization from brute force and password spray attacks.
We’ve also enabled Modern authentication for all Exchange Server customers in hybrid environments:
In September 2017, we shared our roadmap for adding Hybrid Modern Authentication (HMA) support to Exchange Server.
In December 2017, we announced the availability of HMA for Exchange Server 2013 and Exchange Server 2016 hybrid deployments.
In February 2019, we released Exchange Server 2019 CU1, which added support for HMA.
In October 2020, we added support for Modern authentication to the Microsoft Remote Connectivity Analyzer.
In May 2022, we announced that our public folder migration scripts now support Modern authentication.
In June 2019, we said that we would not be adding support for Modern authentication to pure on-premises Exchange environments, and that HMA would be our only solution for Exchange Server customers.
Today, we want to provide you with an update on that. We know the HMA requirement for cloud-based authentication in on-premises environments places a burden on some customers, and simply isn’t possible for others.
So, we are excited to announce that, in a reversal of our June 2019 announcement, we are working to add Modern authentication to pure on-premises Exchange Server environments (e.g., no cloud or hybrid). We expect to share our timeline for Modern auth support for each Outlook client later this year.
Support for TLS 1.3
We recently introduced support for Exchange Server 2019 on Windows Server 2022. By default, Windows Server 2022 uses Transport Layer Security (TLS) 1.3, which encrypts data to provide a secure communication channel between two endpoints. TLS 1.3 eliminates obsolete cryptographic algorithms, enhances security over older versions, and aims to encrypt as much of the handshake as possible.
While Exchange Server 2019 supports Windows Server 2022, we’re still working on adding support for TLS 1.3. We expect to support TLS 1.3 in Exchange Server 2019 next year.
Software Update Dashboards for Exchange Online and Exchange Server
Keeping Exchange Server current is a critical security practice, so we’re also making investments to help you stay current with the latest updates for Exchange Server.
Later this year we are introducing a new experience in the Microsoft 365 admin center for viewing the update status of Exchange servers in hybrid environments. This new experience is designed to show admins which Exchange servers need updates, and which servers are approaching or at the end of support.
This experience provides a view of on-premises Exchange servers that is curated using data from multiple sources, such as data customers opt-in to sending to us, data in the Microsoft Online Services processing logs, and publicly available data, such as DNS records.
A similar experience is expected to be added to Exchange Server 2019 early next year.
Exchange Emergency Mitigation Service Rollback
The Exchange Emergency Mitigation Service (EEMS) we added to Exchange Server last year helps keep your servers secure by applying mitigations from Microsoft to address any potential threats against your servers. EEMS is a built-in version of the EOMT that provides protection against security threats that have known mitigations.
After a mitigation applied by EEMS is no longer required, an admin can manually roll back that mitigation. To simplify the process, we’re developing a PowerShell script that admins will be able to use to remove any mitigations that are no longer needed. We expect to release the script next year.
Deployment and Manageability Investments
We know that Exchange Server updates can be complex to deploy for some customers, especially in environments without dedicated Exchange admins or IT staff. We are working to ease these challenges by enhancing Setup to preserve custom config settings, and we’re continuing to work to improve the Hybrid experience by addressing common customer pain points.
Custom Configuration Preservation
We understand that it’s very common for admins to customize their Exchange server settings after Setup has successfully completed. For example, admins often configure client-specific message size limits. These customizations are made in web.config, sharedweb.config, and other files on the Exchange server. One of the challenges for admins is that each time a CU is installed, their customizations are overwritten by Setup. Today, admins need to backup these files and restore them after each CU.
To address this issue, we’re working on changing Setup to preserve these customizations after a CU is installed. We hope to release these changes in the H2 2022 CU or the H1 2023 CU.
Hybrid Experience Improvements
To help admins manage hybrid environments, we’re making even more changes to the Hybrid Configuration Wizard (HCW). Today, the HCW performs several tasks, including configuring the Federation Trust, updating connectors and email address policies, and configuring endpoints and OAuth between on-premises and Exchange Online. After the wizard has completed its tasks, admins often customize the environment.
During a re-run of the HCW, most of the first-time configuration tasks are not required. But since the HCW doesn’t allow skipping steps, custom configurations made after the first HCW run can be lost, possibly leading to a bad hybrid state.
To address this issue, we’re modifying the HCW to allow an admin to choose the steps to perform and skip unnecessary ones. We expect to release an updated HCW with these changes later this year.
MEC features experts from Microsoft and the Exchange community talking about Exchange Online, Exchange Hybrid, and Exchange Server. This is a free technical airlift for IT pros that work with Exchange day-to-day, and developers who create solutions that integrate with Exchange.
Feedback Forums for Exchange Server and Exchange Online
Your feedback matters to Microsoft, and we have a lot of ways for you to share it with us. In the past, Exchange customers and partners used a platform called UserVoice for community driven feedback, but we moved off that platform last year.
Last year we also announced the Microsoft Feedback Portal, which provides a new community feedback experience from Microsoft. Built on Dynamics 365 Customer Service, Feedback is where users can go to provide feedback on popular Microsoft apps and services in one place.
Today, we’re excited to announce the availability of two new Feedback forums for Exchange:
We’re always striving to better serve our customers and partners. You can directly influence change at Microsoft by sharing your feedback. We look forward to hearing from you.
Exchange Server Technology Adoption Program Open Enrollment
Today, we’re also announcing open enrollment for the Exchange Server 2019 Technology Adoption Program (TAP) for customers and partners! The TAP is designed to validate Exchange Server updates by having customers and partners test deployments of pre-release builds of Exchange Server in lab, production, and development environments.
If you are interested in early (pre-release) access to Exchange Server 2019 builds, we invite you to join our TAP. You can find out how to sign up at Exchange TAP Announcement.
As we said earlier, we know that customers have reasons to run Exchange Server, and we are committed to supporting them.
Our guidance for customers who run Exchange Server is to move to Exchange Server 2019 now.
Exchange Server 2019 already includes several features not available in previous versions, including:
Support for Windows Server 2022 and Windows Server Core
Client/server connections use TLS 1.2 by default
New search infrastructure based on Exchange Online
Modern hardware support
Improvements in calendaring, client experience, compliance (in-place archiving, retention, eDiscovery), data loss prevention, and performance and scalability
Exchange Management Tools update that eliminates the need for Exchange Servers used only for recipient management purposes
The latest hybrid experience updates, including support for using MFA-enabled admin credentials with Hybrid Agent cmdlets
Soon, Exchange Server 2019 will include support for TLS 1.3, Modern authentication, and more, and it will provide the smoothest and easiest path to the next version of Exchange Server in 2025.
Upgrading to Exchange Server 2019
You can use the Exchange Deployment Assistant (EDA) at https://assistants.microsoft.com/exchangedeployment to upgrade from Exchange Server 2013 and/or Exchange Server 2016 to Exchange Server 2019. The EDA is a web-based tool that asks you a few questions about your current environment and then generates a custom step-by-step checklist that will help you deploy Exchange Server 2019, the smoothest and quickest path to the future.
Before you deploy Exchange 2019 in your organization, you need to do some careful planning, so be sure to carefully review the information provided by the EDA.
If you are planning an Exchange hybrid environment, be sure to review Exchange Server hybrid deployments and the accompanying information.
Scott Schnoll Senior Product Marketing Manager Exchange Online / Exchange Server
Recent Comments