“At that point, I was the only publisher of the production code, so I had to walk my developer through adding the fix and publishing for me. He fixed the issue, published via Visual Studio (so easy) to staging, so we had a rollback option just in case. Then, I walked him through my admin login to get in to the portal to run the swap. The hardest part of the whole process was remembering my password to grant him access. The ability to deploy via developer tools and perform a swap in case something went wrong was what made this all possible in a 15-minute window before the plane took off.”

Interface troubles
Due to its nature, customers must control their Azure accounts and set up most services via the Web interface. This is convenient, but less than ideal in many ways, most notably regarding security. Under normal circumstances, if someone gets your Windows Live credentials, then they have complete control of everything you have on Azure. There are examples of big damage being done simply by losing control over these credentials on Web-based systems, including Amazon.

To address this, Microsoft has introduced Azure Multi-Factor Authentication, a core security concept whereby the user is asked to prove their identity by more than simply providing a password. The factors are generally accepted as something you know (like the username and password), something you have (like a smartcard or your phone) or something you are (like biometrics such as fingerprints or retinal scans). Microsoft describes the packages this way: “Azure Multi-Factor Authentication adds an additional layer of security to your Azure administrator account at no additional cost. When turned on, you’ll need to confirm your identity to spin up a virtual machine, manage storage, or use other Azure services.” This is a great way to solve this security problem and can also be leveraged to protect almost anything, including solutions hosted on Azure and anywhere else.

Since Azure first came out, the Web interface has changed to handle the updated offerings and features. Microsoft has been working on a major update to this portal that has in itself proven controversial. The original interface as it has evolved is shown in Figure 1, while the new portal is shown in Figure 2. There are discernable elements from the Windows 8 UI in the new portal, and Windows 8 is not considered among the most beloved of Windows versions. While the tile-based interface of Windows Phone and Windows 8 has many strengths, it also has some weaknesses.

Figure 1

Figure 1: Old-style Azure Web interfance

Figure 2: Windows 8-style Web interface.

Figure 2: Windows 8-style Azure Web interface.

This interface allows you to see things at a glance, but only the surface details. To find the deeper elements you have to drill in, which is fine so long as the details are findable. The interface opens and scrolls horizontally, and this is a common source of criticism. Finding things is also somewhat hit-or-miss. Although it supports search, you have to know what to search for, and some things are not actually present yet. Like the Windows 8 Start Screen, you really have to search for things because there is no concept of a folder structure, and this limits node hierarchies as a way to navigate a huge tree of options. An example of how this can trip you up is that if you install an application that would normally create Web links on the Start Menu of Windows 7, then these links are not automatically added to the start screen of Windows 8, and searching for the application will often result in many results too long to read. (SQL Server is a prime example of this.)

With the new Azure portal, the concept is of blades that open up with each click and reveal more detail after scrolling to the right. It is quite easy to get into a situation where the horizontal scrolling causes the browser to freak out a bit.

Other things do not work in the new interface, such as setting the security on an endpoint for a virtual machine deployed from the Azure Marketplace. It is important to remember that the old portal is still the default interface, and the new portal is opt-in only. With either interface, finding what you owe (monetarily) to Microsoft is easy and that is a must; however, figuring out what you owe to one of its partners is borderline impossible. This will certainly change (and hopefully soon), but these are the kinds of bumps that need to get smoothed out for Microsoft to reap the benefits from their efforts to make Azure the cloud of choice.