Welcome to episode 356 of the Microsoft Cloud IT Pro podcast recorded live on October 6th, 2023. This is a show about Microsoft 365 and Azure from the perspective of it pros and end users where we discuss the topic or recent news and how it relates to you co-pilot and ai just don't go away. We are back this week revisiting some of the r o I of this service as well as some updates around licensing with the upcoming GA of Microsoft 365 co-pilot and November 1st, 2023.
After that we discussed some methods and challenges for bulk restores of items from the SharePoint recycle bin, as well as some upcoming changes to default outbound internet access for your Azure VMs. I need a co-pilot to help handle my calls. You. Need a co-pilot handle your calls, huh? Co-pilots for everybody because they're coming prepare th self. It's just money. So you say co-pilot for everyone. This is public enough. There's public blog posts out here. Co-pilot is not for everyone. Scott .
I am disappointed by this. I mean we've talked. About the pricing in the past, so, so yeah, there's barriers to entry. We. Talked about the pricing but there's some new stuff. So copilot for everyone was $30 a user a month? It's expensive, I get it. I was willing. It is. 54% The cost of your E three license if you want to think about it that way. Like it is literally more than the cost of your E three license to go and pick up co-pilot. But I was willing to pay for it.
I absolutely would've paid 30 bucks a month for co-pilot at least to start to check it out. But then some news started coming out is it's gonna GA on November one and I got all excited and then I started looking at more news about it and it is gonna GA on November one and you can go get it if you have an enterprise agreement and you can get your Microsoft person to go set you up with it, which I don't have. And if you're willing to spend purchase a minimum of 300
licenses. Yeah, I was. Gonna say 300 licenses or 300 seats licenses, therefore bringing you to what a cool, not nine K a month just to get started. Nine K a month. Not for your little SMBs. 96, no, what is my math is failing me nine times 1200, 4,000. No, 90 108. 108. Yeah. 108. $108,000 a year for copilot, which. Remember that's basically double the cost of what you had before. So . That is not double the cost of what I had before. But for those organizations that are coming in, that.
Is like for those organizations, yes, but. It's another one. I don't have any like skin in the game insight here but like from the outside is um, it's tough. It's a lot to swallow. You've gotta do a lot of R o I justification and I just wonder if people are like poking the bear, poking at the market and seeing what it will maintain from a pricing perspective
just to get it there. But you, you won't know and I don't think M 365 or O 365 like even break down the numbers this way in financial reports or anything like that. What ARPU ends up uh, like revenue per user and margin ends up being like per user within those product segments. But yeah, now that's funny 'cause somebody in the chat is saying they're TAM assures it will save us money. There are no more tams.
So if somebody's still calling themself a tam a they've gotta get their heads out of the sand 'cause they haven't been a TAM for two years .
But that's neither here nor there. Yeah, it is a weird barrier to entry too in that like you said, you have to basically be nominated in by a member of your account team and at Microsoft I, I don't know like I I imagine there's a whole gamut of folks who listen to this podcast and they're the enterprisey of the enterprisey and they've heard terms like TAM and CS a and they know who like their account executive is, they're ae like they've got all that stuff down or they,
they we've got an at SS and and all that stuff running around and they live in the acronym soup of Microsoft. The majority, the vast majority, especially like those 300 seat organizations that would potentially be eligible, they don't usually have managed account teams. They're not big enough to get there. It doesn't justify it from like a sales cycle kind of thing.
If you've just come in and picked up a hundred licenses, 150, 300 licenses, like you're still in the threshold of SS M B versus organizations that are in multiple thousands could be like single digit thousands all the way up to a hundred thousand plus seats. Yeah, I was gonna say Microsoft puts that just from a licensing perspective. They kind of put that S M B level at 300 'cause that's where you move out of the business into enterprise. But I'm with you.
I weren't like some of my customers that are in those 300 5400 employees. I don't know that they necessarily have EAs or TAMS or account teams or all the different acronyms because at that level they're still just going out and buying enterprises or going through A C S P or some of that.
100%. So yeah, they effectively become unmanaged accounts which is fine in the grand scheme of things and it actually, I think for some of this like that's actually okay, I kind of want to see what happens when some of the biggest of the big kicks the tires and how that looks for them. And for the articles that are out there today about ways to think about justifying your R O I and your T C O with something like M 365 copilot.
There's a lot of broad assumptions there because nobody has really been hands-on with it I think in the way that they're about to get hands-on with it. And that's gonna lead to a whole bunch of interesting observations and conclusions potentially six months from now. Like I would love to see the industry reports that come out of like Gartner and I D C and others after this has been out for a couple months, people have been hands-on with it.
They've had a chance to effectively kick the tires and see what it can do for them. Okay. So this makes me laugh Scott. We just talked about the 300 LI license level and the whole SS M B thing. If you scroll down in that article from Schneider, IM that you post in Discord, we'll put it in the show notes. It's not every license is eligible for copilot. Microsoft 365 copilot is an add-on license. It works on top of the following. Microsoft 365 E five, Microsoft 365 E three, we knew both of those.
Microsoft 365 business premium and Microsoft 365 business standard. Except that if you have business premium or business standard, the only way you're gonna be eligible is if you have exactly 300 licenses because yes, it doesn't allow you to have more and less and I get it, some people have missed and matched, right? You could have 300 premium, 300 standard for your 600 users or have a few enterprise mixed in with your business premium.
But it kind of makes me chuckled that 300 is the threshold and you can put it on these business plans. But most people that are at that level aren't on business plans because they get capped at 300. We'll see. Obviously there's insights from like the licensing site that, or the licensing side that only the folks who run the service are privy to and they know their house, their business and where they wanna be with it. Yeah, I don't know.
I still haven't had a chance to get broadly hands-on with it. Like I'm very much looking forward to seeing that rollout. I don't know how that'll go even at Microsoft, like as Microsoft employee do I get access to that? Well I get GitHub copilot, I have that. I get Bing enterprise chat. Yep. All those kinds of things are available to me today.
I think one of the other things too is I wonder how many organizations sit down and look at, they look at maybe the raw cost of just a chat G P T and going straight to open ai. Like why wouldn't you give open AI 20 bucks a month to depending on the functionality that you need, right? Falling need is L L M without context. Like okay, go ahead and save yourself 10 bucks a month and go over here and get this tool.
I know a lot of conversations that I'm hearing are folks saying that part of the justification of the price is that you're staying kind of inside the four walls. So you're not just paying for functionality of a copilot and access to a large language model. You're paying for access to a large language model that has context and access to your data within a security boundary. And that's big for a lot of organizations.
If you and I worked for two different orgs, we don't want to be just going off and firing off business secrets to chat G P T under whatever nebulous licensing it has given day of the week and learning those things and then surfacing them up to something I say to it gets surfaced to you. Or even worse, something we say to each other, it gets surfaced to somebody else. So a part of it is just kind of covering your bases and making sure you've got
that too. And I don't know how you quantify that one. Like that one feels very fuzzy . Yeah and very like process regulatory driven, those kinds of things. So we'll see where that one falls out. But the varied ENT entry is definitely very high. So it's a really weird gold rushy time right now. I don't know, it's the best time if you're like skittish and you're not an early adopter, it's not the best time to dip your toe in. You might wanna like just take a step back and and see how it goes.
I agree. And Sean said in the chat that they're including business premium standard. Maybe they anticipate lowering 300. I hope so. I was, I don't know. I could beat this horse for a while. That's probably not politically correct but. No you're talking about. Boiling the frog. That's politically correct. Yeah. I'm surprised they're not pushing it out to smaller businesses 'cause I feel like a lot of the SMBs are the ones that could benefit from this a lot.
Like I could use it for summarizing my email for doing some of that type of stuff and to put the barrier to entry so high and Enterprisey feels like they're missing a huge target market and we've said it, AI is expensive. Maybe it's just the pure expense of they can't afford the expense of all these five person companies turning it on. They need some bigger commitments due to the cost of it. I was just listening to a podcast too.
We had talked about it I think a little bit last week, but it was after we recorded the acquired podcast and they did an interview a three hour, not an interview, a three hour podcast on Nvidia and the cost of some of these servers in the compute from Nvidia that I don't know that it was used to train Microsoft 365 copilot. But that hardware from Nvidia and training these models is, I don't know that I ever thought about the cost.
It's expensive listening to the cost of some of this hardware from Nvidia and what these companies need to train some of these models. You're talking like hundreds of millions of dollars just for the hardware alone. if not billions. Yes. In other news super computers are expensive. That's my co-pilot news for the day. It's out , I mean November one is coming up rapidly. So I think, like I said, the way I'm viewing this as hits November one, nobody does anything in November December anyway.
It's a slow time basically worldwide folks come back, they start really kicking the tires in Q one calendar year 2024 and by like March, April, may, June-ish timeframe next year I think you're gonna see like a crazy number of articles start to come out that talk to R O I and T C O around LLMs like this. Yep. Particularly in the context of office work, right? Like in in the M 365 world.
The other interesting thing that's gonna happen, I don't know if you watched the Google event from this week for they, they did like hardware announcements for the pixel, things like that. But one of the things that's happening on that side is Google's been AI driven for a long time as well but a little bit more on the consumer side of the fence. So they recently announced that they're chat chatbot Bard is going to have access to Gmail and be able to interact with and pull that information in
as well. So that was announced back in like mid-September a couple weeks ago. But if you have access to Bard today, you can actually go out and ask Bard to do things against the corpus of data that exists inside of your Gmail account. Which lots of us have, I think I've had a Gmail account, maybe not when it was in beta, but like I remember getting one very early on like it's been out there for quite a while.
So I have this large body of data that is now kind of sitting in Gmail that very much like an M 365 copilot. I can point a large language model against it and say hey start to go figure things out for me. When's the last time that I met with Ben and talked to Ben about podcast analytics? And it can just go like figure that out and pull that information out.
If you're, if anybody listen to this like you're looking for maybe some like real world anecdotes around Bard, I would recommend there's another podcast from the New York Times called Hard Fork. Go give a listen to their episode on Bard and Gmail integration. The two hosts of that episode have also been Gmail users for a long time. So like their prompt and the results are kind of hilarious. Like yeah you, you do have to go listen to it.
But their prompt is basically tell me what psychological problems I have based on my email . And go that's really funny and go. Out there and figure it out. So that's a good one as well. I. Am sure you had Gmail and beta. Do you remember Gmail? I just looked it up. Gmail was in beta for five years. Oh sure. do you remember? I remember that 'cause it was so long. I was thinking like the earliest of the early days. I don't know. I'd have to go back in and and see when my first message was there.
2004 It was released and it was in beta until 2009. I know. That I've had Gmail so long that I had enough data in there like before they even had paid plans that I had needed to start purging data and getting it out because I was, 'cause I was over the threshold for for data stored along the way. That's funny. Yeah, I'll love to go listen to that. I have not played with Bard so I have Gmail so yeah, I'll be honest, I don't use Gmail.
I still have an account but it is mostly junk mail at this point in time. Which could be really funny to ask Bard about considering there is very little actual personal email in my Gmail account at this point in time. Yeah, so this is gonna be really interesting too, especially if G Google starts offering Bard to smaller companies or if they start integrating it in with the G suite and Microsoft is stuck at this 300 user limit of . If that's gonna affect like where SMBs go, I don't know.
That's all speculation at this point in time. I think it's. Another valid thing to think about. So I think one of the other things that I've been keying onto is folks talk a lot these days about how much of big tech over the last couple years uh, has really been related to the phenomenon of having access to 0% interest rates. And it was cheap for everything. It was cheap to acquire hardware, it was cheap to acquire software, it was cheap to acquire people.
So the the whole people process technology thing where you were always trying to kind of balance those three different things, you really didn't have to worry about it anymore 'cause people were so cheap that didn't matter. Tech was so cheap that it didn't matter. And now that those things matter, folks need to sit down and and think about really like how to get the most of it and where it comes in. I don't know.
It's gonna be fun to watch from the outside I think is kind of my take on it right now. I agree. So with that we can be done boiling the co-pilot frog or beating the co-pilot horse or pummeling the co-pilot something else. What else do you wanna talk about? We had some news we had talked about, I had mentioned I owed some people a SharePoint, recycle PowerShell update. Where should we go from here? Why don't we get through your update and then we'll see what else we can swing in.
Do you feel overwhelmed by trying to manage your Office 365 environment? Are you facing unexpected issues that disrupt your company's productivity? Intelligent is here to help much like you take your car to the mechanic that has specialized knowledge on how to best keep your car running Intelligent helps you with your Microsoft cloud environment because that's their expertise.
Intelligent keeps up with the latest updates in the Microsoft cloud to help keep your business running smoothly and ahead of the curve. Whether you are a small organization with just a few users up to an organization of several thousand employees they want to partner with you to implement and administer your Microsoft cloud technology, visit them at intelligent.com/podcast.
That's I N T E L L I G I N k.com/podcast for more information or to schedule a 30 minute call to get started with them today. Remember intelligent focuses on the Microsoft cloud so you can focus on your business. We had talked, I think it was a couple weeks ago, it was two or three weeks ago where I was waiting for a script to go run against the recycle bin. This is an interesting thing to think about 'cause I've had this happen to me a couple times now.
I was in a situation with a client and this was in all honestly self incurred a bit. We had a power automate automation go awry that went in and deleted like thousands of files. So this was not just five or 10 files, it deleted somewhere in the realm of like 10,000 files out of SharePoint. And fortunately for me for them when you. Say deleted 10,000 files, like somebody might wanna delete in bulk a bunch of stuff.
But in this case not by design a little rogue and maybe ran away 'cause it was missing a conditional or it. Was by design that this is a little bit of a uni unique scenario with this particular customer and how they want to use SharePoint. We may have talked about this like years ago. This process has been in place for them for probably three or four years now. Where as they move certain jobs that they're working
with through the internal workflow. So, so through their internal process they reach a point in time and this could be over several years that it works its way through this process where they actually want to move an entire folder that contains all the files related to a job from one library to the next library to the next library. Move it down the assembly line. We could argue the validity of doing that in SharePoint and why you would not want to do that and all the issues I encountered.
But it is working As part of that we are using moving a thousand files that can contain multiple gigabytes from one SharePoint site to another. SharePoint site is not an easy task. A folder to a folder within a library works great site to a site does not. So we're actually using sharegate with a hybrid worker process to issue a copy command to copy it from one site to another. 'cause sharegate does way better than anything Microsoft has but it doesn't do a move.
Which is interesting right? you think, you think there'd be an a P I to enable that but nah whatever. That in and of itself is very interesting but it does a copy. Sharegate doesn't have a move. So we do a copy and then a delete. Well if that server goes rogue we were missing some error checking and the copy did not run but the following step to delete did run.
So instead of copying from location A to location B and then deleting from location A, it tried to copy failed and then just deleted from location A just missing. Like a little conditional check or. Something, right? Missing a, hey. Did I actually finish right or did I do what you thought I was gonna do? Did this job run successfully? Did it actually hit the hybrid worker?
Was the hybrid worker on all that type of stuff. So for like a, it happened over the course of two or three days I think it was deleting these folders without doing the copy. So they all fortunately ended up in the recycle bin. That being said, un-deleting a thousand files or in this case 10,000 files from their psycho bin is not something Microsoft makes easy,
especially when there's folders within folders. One, I am not gonna go through a psycho bin and scroll through and individually select 8,000 files or 10,000 files and even try to find the right ones. Because the only way you can find them in the recycle bin is by looking at the U R L and making sure you have the right U R L and then you're looking for certain folders or sub folders. There is a PowerShell script and this is what I was waiting to run to un-delete
stuff from the recycle bin to do a restore item. You're. Thinking about kind of the P M P method, get a context to the web and just basically go to that recycle bin and just boom. Pull back everything. Yeah that's loop through it approach. Yes. Look at the U R L and then you do a restore item. If the U r L matches it worked by and large. I actually had a content type that inherited from a folder. I did not worry about this because it wasn't super important in this particular
scenario. But if you try to restore an item before you restore the folder, it just creates a normal folder and it doesn't actually restore the folder. And then when it tries to restore the folder, that's actually a content type, it throws an error because the folder's already there.
So if you really wanted to write this well you'd have to restore all of your folders first but restore them in the right order from the highest down to the lowest level to make sure you kept all the properties and the metadata and the content type and all of that. Mm-hmm , it's a pain to do this. Again for this scenario, I didn't care. The really one I only cared about was the top level and I just let it go wild.
If it created a folder, if it aired because the folder was already there, I let it air and then I just switched the content type at the root level and just put the metadata back on. This took a surprisingly long time for about 800 files. It's a lot of a p i requests like going back and forth.
Like even just the initial like enumeration. It's, yeah, I mean you think about it like each one of those is effectively like an HT P request takes time, has latency, you might inject additional logic, you have the overhead of auth and all the other, there's a bunch of stuff that goes into it that isn't like readily apparent and you're like, oh I just, I need an easy button. Right?
And I'm kind of surprised there isn't an easy button at this point, but I don't think the scenario of, hey, I deleted 10,000 objects, like whatever it happens to be is probably not like a high order bit. Probably not super common. No. And the other thing you can hit, because I absolutely hit it, is if you try to do 'em all at the same time or do 'em all sequentially, it takes, so it took about a hundred an hour to restore like 800 files.
So 10,000 files, you're looking at 10 hours. I got throttled. Microsoft did not appreciate me hammering away at that a p I on that site for 10 hours straight. And they started getting throttled because I would go try to visit the site to see are these showing up or not? And I was getting messages in the browser about being throttle. I was like, yeah, I cannot load this page. And if you go look at the U R L, it's the whole throttling thing. Now you've done it. To your point,
Microsoft does not make this easy. I'm really hoping. So they have, and we talked about it before, some of the backup stuff coming to syntex later this year. Ideally in this scenario, I think this is one where having a backup or restore tool could potentially make this quicker. I don't know, I don't know what the APIs look like there. If you have a backup tool and you go through and select your top level folder and do a restore, if that will speed it up.
Or if when Microsoft comes out with their backup and syntax, I know initially I think in that post they said they're not gonna have file or folder level restores. I think it's more gonna be site level. But that would be, this is one of those scenarios where we talk about, and I've heard clients say it, ah, Microsoft's got everything backed up. It's highly available. They're prepared. Yeah, to a certain extent.
But a scenario like this where it's in the recycle bin or had we not caught this right away and we had gone the 90 days, this is where you get yourself in trouble. And torg in the discord chat too, he said he has some users that mass delete directories trying to unsync libraries to their local pc. That one happens quite a bit. You can end up in the same scenario. I'm guilty of that one. I forget. Sometimes it's, yeah, it's tough. So I, I mean I think you're doing the right things.
The takeaway is you need to think about that stuff. Maybe you need to have a process to go and have an escalation path in your help desk for end users who delete stuff. Folks are familiar with the recycle bin, they know how to do self-service restores, all those kinds of things. There's only so far that somebody could go as a service provider to stop you from taking out a gun and shooting yourself in the foot. Uh, if you do,
it's great. Here's how you're gonna triage that and get yourself back. Yeah. You're just not gonna walk straight ever again. It'll be fine. Scott, we're going all off the rails for politically correct this episode. We're shooting ourselves, we're boiling frogs, beating horses, . , all of it. Yeah. Yeah. It's bad out there for body parts and animals today. That's, that's all I gotta say. Not. A good episode for that. But no, I agree a hundred percent.
There are absolutely ways to shoot yourself in the foot with all of this and get yourself in trouble. And to your point, having a plan, how are you gonna handle this? Even some sort of monitoring in place. That's another thing is how do you necessarily know when files are deleted? I don't know that I have a solution for this, but I have absolutely had customers call me before too and say, this file was there yesterday or a week ago or two weeks ago. It's not there today. And it's been one,
try to find it. Is it in the recycle bin? Sometimes it's not been deleted. It's been moved. Mm-hmm . And I've used the audit log in compliance center. I. Was gonna say that's what you wanna do. You wanna like kinda like clap and wipe your hands into the audit log. We go, yes. You just had to hope you had the audit log on and that it was there and available for you. But that's not, and that.
Could find it because we could also talk about the audit log search and the horrendous of trying to put a path into search for a certain file or folder. It is far from ideal in my experience and perspective. They're coming out with some new search capabilities. I think the new search is there now and the classic search is going away because this is the whole theme of Microsoft lately is we have new and we have classic, whether it's the audit log search or Microsoft Teams or any number of other
things. So yes, that is when the audit log becomes your friend. And hopefully you can get searched to work and you have the data there. But that was my SharePoint Restore and it is not fast. , so still have to rely on P M P and sharegate and hope for the best. That was it. But everything's back now. Everything is moving again. My jobs are running successfully and stuff is not being inadvertently deleted before it's moved.
And it only took me running PowerShell all night long between getting throttled and just the time it took. Azure. Automation jobs have been updated, logic's been updated, all is accounted for. That's. That. That's that. All right, well we got time for, what do you think? One more. Do you wanna throw in one more? I, oh, I have an announcement but that's really quick. Should we do that at the end or should we throw that in now and then do one more? It's up to. You. It's your.
Show. Not really. You had one more. Okay. So really quick. E S P C , the European SharePoint Conference, they sent me a LinkedIn message. So this is absolutely valid ish. They have these community awards, they're Inspire awards where you can go in and do a nomination for best community contributor, best YouTube channel, best online courses, diversity leader, award tech, trailblazer wellness mentorship, young female STEM award, and the best podcast Scott.
So they said they wondered if we would just let people know about this so people could go in and nominate all of those different people. Help kind of get the word out about community. People that you maybe know about, enjoy working with can recognize some of those community members. And naturally having a podcast. I think you should go nominate us for the best podcast. But I'm partial. If you don't nominate us, I won't be hurt.
But the link for this is we'll be in the show notes. We threw it in Discord. So if you do wanna go know somebody that's in the community, if you do wanna maybe nominate our podcast, I already did it, Scott. I nominated ourselves and I put right in why we're the best podcast. And it was because I do it and it's my podcast and I'm very partial .
Yeah, they just asked if we'd help raise some awareness for people to go out and vote for these Inspire awards and different people that are contributing to the community. Excellent. We'll. Throw that in and then we can do one more. Inspire away. Inspire away. Maybe. We'll have to come back and revisit this one. I don't know how much of a rabbit hole it's gonna send us down. Virtual machines in Azure use virtual machines in Azure. Oh. This one could be a rabbit hole, but we can do a longer up.
We could do a longer episode today. I mean it's up to you. It's your show. No it's not. This one's yours. However it. Works out. No, we're gonna do this. We're gonna talk about this. 'cause this one is a kind of a big deal I think. I. Don't know that it's a big deal. I think it's interesting 'cause it's something that I've never really thought about and I've always taken for granted. Back to my question. Okay, so what is this? You. Use uh, virtual machines in Azure? Yes or no? Yes. Okay, great.
Quite a few. Do. You ever browse the internet from your virtual machines in Azure? Like maybe to go outside and download something, get access to external data that exists outside the purview, not of pun intended, but outside the boundary of your vnet. So you're accessing information on the public internet. Maybe you go to Google being duck to go things like that. 100% Of the time. Whether it's to download PowerShell modules or like you said, download software.
I don't know that I've ever had a VM in my experience that doesn't, I know clients do. But yeah, I'm always using the internet for my VMs. Why else do you have a computer other than the internet? 100000%. I do this as well and I've never really thought about it. Like specifically the way that your virtual machines mm-hmm. automatically get outbound internet access and access
to the public internet. So there's, in Azure virtual machine land, there's ways that you can privatize the traffic for your virtual machines. Even from an outbound perspective. Like you could do forced routing, you could go through a nat gateway. There's ways to route through sbs. You can stand up your own public IP and you can say, great, I have a PIP on this vm and therefore the PIP is this. And outbound internet access is gonna drive that way. Yep.
But if you just go stand up at a standard vm, it's, oh, I still get an bog standard vm. Like any vm. Oh, I still get outbound internet access. So there's this really interesting update that came out on Azure updates. And the notice is that default to outbound internet access for virtual machines in Azure is being retired. And customers need to go ahead and transition over to a new method of internet access.
So in the world today, and up until the time this retirement is driven all the way through in 2025, like it's a ways out. You got time, you just go create a VM and, and you have that access. In the future, that's not going to be the case. You are going to have to explicitly define your
method of outbound internet access. And again, going back to things like stand up a nat gateway, create a load balancer and have an outbound rule on that load balancer and then that load balancer gets a PIP on it, all that kind of stuff. Or just go ahead and directly attach a PIP over
to your virtual machine. So, uh, I was trying to think like for the number of times that I create a virtual machine and I x x my way through it, or I have just some like basic arm templates, Hey, spin me up like in Ubuntu 20.4 l t s, blah, blah, blah. So I can play with it and do something with it and I gotta go back and adjust that stuff and make sure that I actually have them figured in with
things pips in them. Like, Hey, gimme like a basic public IP and associate that with my nick and get it going. If I wasn't doing that already in some way, shape, or form. Yeah. So not like a massive change. Arguably a good thing. Hey, like you get more control and you'll have more insight into what's going on. But it made me do a double take. Like just going back thinking like, huh, I've never actually thought about the way like default outbound internet access
works. I always just take it for granted. 'cause usually the first thing I do is hop on a VM and then go download something . Let me just reach out. And. And that's mine. And I will say by and large, my VMs tend to have public IP addresses because most of the time I'm just doing an R D P connection into 'em. I am not being super secure. I'm not going and paying for Bastion or just in time or any of those. I just put on a public IP address.
I lock the R D P port or the R D P access on port 33 89 down to my public IP address. So I don't have a ton that don't have a public ip, but I absolutely similar type thing have clients where they're using Bastion to access everything and they don't put that public IP address on because they don't want that VM exposed to the internet on a public IP address. 100% And totally valid. Right? Right. That's a great.
Use case. And that's where, maybe not a huge deal, but I think to the one that I'm using sharegate on, the one that I'm using for this client to move files. It doesn't have a public IP address. I use Bastion, but I'm always going into it and downloading updates to the PowerShell modules, to the p and p command. Lets, or grabbing a sharegate update as they update it, stuff like that. And that particular client, they're not gonna put a public IP address on it.
I don't know that they necessarily want to from a security perspective, but that means they are gonna have to go in and they may have some load balancers and Azure firewalls, something like that already. I'm actually not a hundred percent sure, but they're gonna have to, to go in then and reconfigure all of these different machines if we still want them to have internet access. Or some clients that do make it all privatized and they require you to A V P N into Azure or be on the network.
And they're using express route to access all their VMs and Azure. Like I think some of those companies that maybe have large footprints in Azure and really have tried to privatize 'em. And to your point when you're like, you locked this down and you're gonna have to figure out another way to internet, I'm like, huh, I had your reaction. Like, I've never thought about that before. If I don't have a public ip, I can still get to the internet.
That might be a fairly large change for some of these enterprises that have tried to lock it down, but maybe haven't had that Huh. Moment that you and I just did of, I do still get to the internet with those. It makes me think that I need to go get hands on with Nat Gateway, which I don't think I've done yet. I, I was trying to think a little bit like, have I ever even deployed a Nat Gateway and I haven't gone down that
path so far. And I, I think Nat Gateway, like, and when you go read the docs, it's kind of the preferred way to, to go down this path. Like, all right, let's start at the top, secure by default, blah, blah, blah. You start walking the line down and you get to outbound connectivity and all that stuff. And Nat Gateway is kind of the go-to thing. So maybe we'll have to go and play and and get hands on with that one. 'cause Nat,
the other thing with Nat Gateway is it's not just for virtual machines. Well, I, I mean it's for units of compute, like private compute. And the reason I'm being kind of cagey and saying units of compute, because there's potentially PAs services that leverage virtual machines as like IAS constructs a k s, Azure Kubernetes service. Yeah. Do functions or web apps on an isolated plan and stand those kinds of things up. App services where you have vnet integrations and things like that come through.
Even other like data analytics services like synapse, databricks, all those things. Like they can get on v VNAs and do some kind of basic injection and things like that. And those are all subject and would also work with something like a Nat Gateway as well. So, yeah. So Sean is telling you what's super easy to set up. So if we go try this and we mess something up, Sean's gonna laugh at us. If. We mess it up, it's gonna be in, in your Azure subscription. It's be it'll be be fine. It'll be fine.
No, we should, I haven't set up an that gateway either. We'll. Do that one as a a two to the cloud thing and just next extra way through it without any docs should, if Sean says it's easy, it's gotta be easy. Yeah. It could go wrong. I mean it's just something in Azure we can always delete it and recreate it, right? Yeah. Uh, I mean his hour hourly rate so he, he can come back and fix it for us. That's okay.
Fix it up. Alright, well yeah, this one interesting. Like you said, you definitely have some time to go to go in and fix it, but it is one that I think is gonna make people go, huh, and have to think through what this actually means for maybe some of their larger deployments. That's about. It. That's it. We'll see if we need to come back and revisit that one. Alright, we got through it. Look at that. We. Did. And we're not too far over our normal allotted time.
So with that another day, another week, another episode. Scott. Oh, I should look just a minute. We're not gonna hit it yet. Do you know a milestone? We're about to hit Scott. We are about to hit a milestone on this podcast. A milestone. Let me see. I'm on the backend. This is episode 356. That doesn't mean much to me, it just means that we've been doing this a long time. You have some weird download milestone or something in your head? I do.
You got it. But I can't. Oh, there we go. Sign in. Let's go. Look. As of today, we have all time. Friday. October 6th. Friday October 6th. If you wanna know the lag on how long it takes to get these out. . Yeah, we have a little bit of a lag right now. We've kind of gotten ahead. So, but as of today, October 6th, we have 996,949 total show listens slash downloads since we started the show. Yeah. Listen. Only the ones that come from the official stuff too.
I think you get more out of Spotify and Google and all that if. You would go include those. I see. And I think, I don't know if Spotify's included in these or not. I know YouTube listens or not. So we may have already crossed the threshold, but in our official stats tracker on the background over the last six years, we have almost reached that million download mark. There you go. I have to buy you a cake or something. In how many countries do you think it's been downloaded in Scott? Just random.
This is random. 113. Oh, they. Got rid of my total view. I don't know. , they used to tell me it's more than, oh no, there it is. 190 countries. Some of them only have one download 'cause I don't know why, but we haven't downloaded now in 190 countries across those million downloads. It's kind of fun just to go in and see because not too, Shay, let me tell you, I would never be able to get to 192 countries. So in some strange, weird wayco,
we have been in 190 countries or at least our voice has been. There you go. So. With that, go enjoy your weekend. That was my weird milestone, my almost milestone We've hit and we will be back next week with some other topic about something that strikes our fancy . Very descriptive. All right, thanks Ben. All right, thanks Scott. If you enjoyed the podcast, go leave us a five star rating in iTunes. It helps to get the word out so more it pros can learn about Office 365 and Azure.
If you have any questions you want us to address on the show or feedback about the show, feel free to reach out via our website, Twitter, or Facebook. Thanks again for listening and have a great day.