Perficient is thrilled to announce that Amarender Peddamalku has been named a “Most Valuable Professional” (MVP) by Microsoft. Microsoft defines the MVP Award as “a global program of recognized technology experts and community leaders who actively support technical communities through unique, innovative, and consistent knowledge sharing.” Microsoft MVPs exhibit core competencies in community leadership and influence, technical expertise, community advocation, and contribution to Microsoft’s success. With only 3,000 awardees across the globe, Microsoft MVPs represent an elite team of technology experts.

Throughout his time at Perficient, Amarender has been involved in regular speaking sessions, community engagements, and enhancing Perficient’s conference presence.

Amerender states, “I am humbled and honored to receive my first MVP award. It feels amazing to belong to such an elite club and I look forward to the journey. I’m thankful for Microsoft MVP community for recognizing my efforts. A huge shout out to Perficient for letting me pursue my passion; without Perficient’s support, this wouldn’t have been possible.  I love to share the knowledge I gained through years, and by giving back to the community I hope I can influence and inspire upcoming Architects, developers and business users to explore Microsoft technologies further.”

Read More About Amarender Here.

Perficient + Microsoft

Perficient is committed to meeting the demands of customers’ cloud needs with highly skilled and specialized partnerships. Keeping security top of mind, our strong relationship with Microsoft and 20+ years of experience allow us to deliver strategic modern workplace solutions across the Microsoft Cloud.

The following is the first in a series of blogs on Power Platform Dataflow. 

ETL, Data Integration, and Data preparations are the backbone of any business application. Enterprises today generate a massive amount of data in their day-to-day operation. Moreover, this data is messy and comes from different sources and locations, each with its unique structuring standards. These make Data integration the most difficult, time-consuming, and expensive task. 

On the other hand, Power Automate, the component of the Power Platform, is capable of connecting to a range of data sources and can integrate the data to a major extent. However, connectors in Power Automate have a defined threshold for throttling limits on the number of API calls per minute or day. Moreover, flows are relatively slower as they perform row-wise operations.

The new dataflow capability in the Power Platform intends to reduce cost and time and make it easier for citizen developers to aggregate and prepare the data for visualizations, analytics, and business intelligence.

What is Power Platform Dataflow?

A Power Platform Dataflow is one of the components of Power Platform used for data preparation, data integration, data validation, and sometimes data migration. Dataflow allows connecting to multiple distinct data sources either in the cloud, on-premises, or Saas. It leverages a well-known power query tool to clean the data, define rules, parse logic, merge the data, append multiple tables, etc. to create meaningful data. Dataflow maps the data to standard entities using Common Data Model. It can load the cleaned data into Dataverse tables either by creating new rows or updating the existing rows. Dataflow is quite easy to develop by citizen developers with no-code experience.

Dataflow Flow Diagram

This tool can connect to large numbers of data sources today and this number is growing further. Needless the say, each connector comes with its own authentication which enhances security. Following is the list of connectors available as of date.

Dataflow can connect to multiple data sources

How to Trigger Dataflow Refresh?

Users can refresh the Dataflow manually or can define the frequency of refresh by selecting “Edit Refresh Setting”. It is available under the Dataflow menu. Alternatively, users can develop Power Automate flow and refresh the Dataflow.

Dataflow Menu

Schedule Automated Refresh

Few Important Applications of Dataflow

Dataflow has applications ranging from Data Integration to Data validation. following are some of the important applications:

• Data Preparation / ETL : Data preparation involves gathering, combining, structuring, and organizing data, so it can be consumed in business intelligence, data visualization, and analytics applications. Power Query, the powerful tool from Microsoft is capable of preprocessing, profiling, cleansing, and transforming. It seamlessly pulls the data from internal systems and external sources with required security and authentication.
• Data Migration : Many businesses are augmenting or migrating their legacy applications to PowerApps due to its known potential. The data size of such applications is large in many cases. The extracted data needs to go through a series of functions in preparation and ultimately load into Dataverse. The Dataflow does this job seamlessly by mapping columns of the destination Dataverse table.
• Data Validation / Data Reconciliation : Data validation is a critical step in any data workflow, it’s often skipped over as it slows down the pace of work. Moreover, it is not straight forward process as there are many interdependent tables that exist in the database with a parent-child relationship. Dataflow brings the capability to organize data into comparable formats thereby identifying errors and inconsistencies with defined rules.

No doubt, the potential of Dataflows is invariably the best-kept secret in the Power Platform. However, there are always downsides to every great tool. Following are a few Pros and Cons of Dataflow, one has to consider while implementing.

Pros :

1. Dataflow in Power Platform does not need an additional license
2. The tool is friendly and intuitive, any citizen developer can easily use
3. The Power queries in Dataflow, Excel, and Power BI are the same. They are simple to transfer from one platform to another
4. Dataflow can be a part of the Power Platform Solution, hence it is easy to migrate it to different environments along with other components
5. It can handle a massive amount of data, unlike Power Automate which throttles if a number of API calls per minute or day cross the threshold limit.
6. It is easy to refresh Dataflow either manually or with the schedule. Incremental refresh gives an edge
7. Dataflow executes in the cloud and an execution report is available for each run hence there is no need to monitor runs, unlike Excel Power Query
8. The tool handles a great level of parallelism and hence it takes a considerably short time compared to Power Automate or other integration tools
9. There are many text operations available in Power Query which makes users parse the data easily
10. Can load the data from Cloud, Saas, On-premises data sources, and even personal computers (with authentication)

Cons :

1. Microsoft has not yet enabled sharing ownership of the dataflow
2. Environment variables cannot be used in Dataflows
3. Users can’t add files or attachments to Dataverse while loading the data
4. There is no guidance on the optimal number of entities in the dataflow
5. Dataflow has a refresh limit of two hours per entity

Conclusion

Dataflow uses the Power Query Engine, a proven powerful and easy-to-use tool from Microsoft. It can connect to a range of data sources from the Cloud as well as On-Premises. Dataflow offers a great degree of reliability in ETL and data integration. Yet, there is scope to fully unleash the potential of Dataflow in a Power Platform.

Learn More

To learn more about how Power Platform and Dataflow can drive innovation in your business, follow this link and download the guide.

Challenges faced while managing a project:

• Just like any other project, ServiceNow projects have several challenges, and if these challenges are not dealt with, it usually means that the project will fail to deliver some of the expected criteria/result.
• ServiceNow Community will agree that the most common challenges in our projects are related to stakeholders, task management and technology.
• According to a study, only 2.5% of companies successfully complete 100% of their projects. Around 50% of projects fail to achieve their exact requirement or fail completely.
• Generally, projects seem to be more expensive than the planned budget. My objective is to help Project Managers, Team Member (Task Assignees), and Stakeholders to identify and overcome typical challenges by integrating the ServiceNow Project Portfolio Management Application with Microsoft Teams.

What Can Be Achieved with this Integration/Use Case:

• Create Project Group – Create MS Teams Channel for a project as required.
• Daily Project Status Teams – Contains the overview of the project, overdue task. Daily Project Status sent to MS Teams as required based on the data of a project in ServiceNow.
• Teams Action – Posts a message to the project channel or team whenever an Action is created with priority 1-Critical or 2-High, or if the priority of an existing Action is updated to 1-Critical or 2-High.
• Add Assigned Users to MS Group – Handles adding the users in the “Assigned to” or “Additional Assignee list” fields of the project tasks to the project channel or team.
• Archive MS Group – Handles archival of the project channel or team based on the number of days from which the project is moved to a closed state. This flow is set to run daily at 08:00 AM.
• Change Request Teams – Posts a message to the project channel or team whenever a Change Request with priority 1-Critical or 2-High is created, or if the priority of an existing Change Request record is updated to 1-Critical or 2-High.
• Decision Teams – Posts a message to the project channel or team whenever a Decision with priority 1-Critical or 2-High is created, or if the priority of an existing Decision is updated to 1-Critical or 2-High.
• Issue Teams – Posts a message to the project channel or team whenever an Issue with priority 1-Critical or 2-High is created, or if the priority of an existing Issue is updated to 1-Critical or 2-High.
• Milestone/Key Milestone Teams – Posts a message to the project channel or team whenever a Milestone or a Key Milestone task is moved to the closed state.
• Project Manager Changes MS Teams – Handles adding the new project manager as a member to the project channel or team. This flow also checks if the user who was the old project manager is assigned to any project tasks and if not assigned to any task, removes the user from the channel.
• Risk Flow Teams – Posts a message to the project channel or team whenever a Risk with probability High or Absolute is created, or if the probability of an existing risk is updated to High or Absolute. 

Architecture Diagram:

Why Implement PPM and Teams Integration?

It simplifies the task for the Project Managers to create, manage tasks, and the overall project. When a project is created, the “Enable MS Teams Collaboration” in the related links of the project is populated and is only visible to the users with the Project Manager role. Now the Project Manager can decide whether to create an MS Teams channel for the project or not. When the “Enable MS Teams Collaboration” link is clicked automatically, a channel with the project name will be created on Teams. The link “Enable MS Teams Collaboration” is only available to the Project Manager once. After enabling it, the link will disappear from the project form.

• When the Project Manager assigns a task to any user in the project, they will be notified (updated) on Teams about the task assignment with the specified details on the task created. We can add “Assigned to” or “Additional Assignee list” users to MS project group. Removing any user from the project will automatically remove the user from MS Teams.
• The Daily Project Status will give you the regular updates of the project. For example: exceptions, project running late by number of days, project not started on date or overdue by number of days, overdue tasks, delayed tasks, due today, and due within next 7 days (Milestone/Key Milestones). So that as a Project Manager, you can plan to do the follow-up by scheduling the timing for updates and prioritize the task.

• On the project, whenever the state or the status is getting updated or the managed task is being updated or created, Teams will be notified with the updates. When a project is set to complete, the state is set to “Closed” and the project channel on MS Teams will be closed and Archived in some days.

How to Enable MS Teams and PPM Collaboration

Install PPM Collaboration

a. Install the PPM Collaboration (sn_ppm_collab) application from ServiceNow Store.

b. The following plugins are required to use Microsoft Teams as the project collaboration tool:

• PPM Standard (com.snc.financial_planning_pmo)
• Microsoft Azure AD Spoke for IntegrationHub(com.sn.azure_ad.spoke)
• Microsoft Teams Graph Spoke (sn_msteams_ahv2)

Setup Microsoft Teams Graph Spoke

Integrate the ServiceNow instance and Microsoft Teams account by creating a custom OAuth application in Microsoft Teams to authenticate ServiceNow requests.

Register an Application Using the Microsoft Azure Portal 

Provide authorization to the ServiceNow instance by registering an application with Azure AD.

Procedure

1. In the Microsoft Azure portal, copy and record the Directory ID for later use. For more information, see Get tenant and app ID values for signing in in Microsoft Azure documentation.

2. 2. Register your application in the Azure portal. For instructions on registering an application, see Tutorial: Register an app with Azure Active Directory in the Microsoft Docs.
   3. Copy and record the Application ID for later use.

• Select Manifest tab, in the manifest editor, set the allowPublicClient* property to true and click on Save.
• Select API permissions tab, click on Add a permission.
• Search for and choose Dataverse under the APIs my organization uses. If “Dataverse” is not found, then search for “Common Data Service”.
• Click on Delegated permissions and check the options and click on Add permissions.

• This completes the registration of your application in Azure Active Directory.

4. Add the Reply URLs in this format: https://<instance-name>.service-now.com/oauth_redirect.do. For more information, see Authentication and authorization for Azure Time Series Insights API in Microsoft Docs.

Note: Copy the Client Secret for later use.

Register Microsoft Teams as the OAuth provider.

Register Microsoft Teams as the OAuth provider so that the ServiceNow instance can request OAuth 2.0 tokens.

Procedure

1. Navigate to All > System OAuth > Application Registry.
2. Click New.

The system displays the message, What kind of OAuth application?

3. Select Connect to a third-party OAuth Provider.
4. On the form, fill in the required fields.

A system-generated OAuth entity profile is created and displayed in the OAuth Entity Profiles related list. For example, MS Teams default_profile.

Create Credential records for the Microsoft Teams Graph spoke.

Authorize the Microsoft Teams Graph spoke actions by creating credential records for the application registered in the Microsoft Azure portal. The Microsoft Teams Graph spoke connection and credential alias uses these credentials to authorize actions.

Procedure

1. Navigate to All > Connections & Credentials > Credentials.
2. Click New.

The system displays the message, what type of Credentials would you like to create?

3. Select OAuth 2.0 Credentials.
4. On the form, fill in the required fields

Result

The credential record for the Microsoft Teams Graph spoke is created.

Create Connection records for the Microsoft Teams Graph spoke

Perform actions in Microsoft Teams by creating connection records for your Microsoft Teams account. The Microsoft Teams Graph spoke connection and credential alias uses these connections to perform actions.

Procedure

1. Navigate to All > Connections & Credentials > Connection & Credential Aliases.
2. Open the Microsoft Teams Graph spoke record.
3. In the Connections related list, click New.
4. On the form, fill in the required fields.

Set up a bi-directional webhook for Microsoft Teams Graph spoke 

Configure a webhook to subscribe to Microsoft Teams with a ServiceNow callback URL.

Register a Microsoft Teams Graph Webhook in ServiceNow Instance

Register a Microsoft Teams in your ServiceNow instance to notify the ServiceNow app when certain events occur in Microsoft Teams.

Procedure

1. Navigate to Microsoft Teams Graph Spoke > Webhook Registry.
2. On the form, fill in the fields.
3. Right-click the form header and click Save.
4. Click Callback URL.

The system auto-populates the webhook callback URL.

1. Copy and record the webhook callback URL.

Note: Copy the Callback URL, Channel ID, Group ID, Tenant ID for later use.

Flows Designed to Synchronize Projects with Your Collaboration Tool 

Understand the flows designed for the PPM Collaboration application so that you can edit the configurations as required.

By default, all the flows or sub flows are inactive. Activate all the flows or sub flows according to the requirements for getting notified for each update on a project. Flows can be viewed by navigating to Flow Designer > Designer and filtering the flows by the PPM collaboration application. This is how you can manage the overall growth of the project and complete it successfully without any delays or failures.

For more information, connect with me on LinkedIn.

Perficient + ServiceNow

We excel with ServiceNow’s IT Service Management (ITSM) capabilities. ITSM refers to all the activities involved in designing, developing, deploying, supporting, and managing the life cycle of IT services. We can help customers and prospects consolidate to a single, modern cloud IT solution using the Now Platform and IT service and operations workflows to increase IT productivity, predict and prevent issues, and deliver compelling service experiences.

We have ServiceNow certified Implementation Specialists in IT Service Management, Customer Service Management, Human Resources, CMDB, Discovery, and App Engine and Administration. We can holistically assess and address a broad range of workflow integration projects with the ability to deliver success from concept to launch and beyond.

To learn more about Perficient’s ServiceNow expertise, subscribe to Perficient’s blog, and follow us on LinkedIn and Twitter.

This tutorial walks you through how to add a customized help desk information to the Office 365 help pane. It’s a simple feature and a good way to inform your users on support information for SharePoint and Microsoft Office 365. By enabling this, users will be able to select the help button or the “?” next to their user icon below:

Follow These Next Steps

Sign in to portal.office.com, then select admin.

You must have global admin access for Office 365 and have a license to “Exchange Online.” Next, select the app launcher icon below:

Then, choose admin.

Click on the settings icon, and then on your organization’s profile.

Click on “help desk information.” It will then take you to a form. Then, click on the check box to show the fields.

As an admin, you need to decide what kind of contact information you want to give users. The title and at least one form of contact information are required. Select what you want to display and fill out the appropriate information. You can choose from the following:

• Title: Enter a title that clearly indicates your intent, such as “Contoso help desk” or “Need help?”
• Help desk phone: Enter the phone number users should call to talk to a technical support agent at your organization. Be sure to include any prefixes that may be needed to complete the call.
• Help desk email: Enter the email address for your support department.
• Help desk URL: If your support department has an internal or public website with helpful tools and resources, enter its name and the associated URL.

Finally, click “save.”

To see your new customized help desk card, sign out and back in again. Users will be able to see the card like in the below screenshot:

My Final Thoughts

In this tutorial, we learned how to add a customized help desk to Office 365 help pane. Adding the help desk contact information to the help pane helps users quickly access your help desk. As an Office 365 user myself, I believe this is a great feature that’s useful to many.

For more information on a help desk, contact our commerce experts today.

In many cases when you are deploying an enterprise application to production you are doing so with a large subset of users. Handling the manual additions of a single user over and over again to the application and security role is not only time-consuming but inefficient. As an alternative approach to this method, I recommend the use of creating Office 365 groups that are associated with the Dataverse Security Role to streamline the distribution. In doing so, you can share the PowerApp with a single group through the standard UI as you would an individual user, select the security role, and then save the change. Processing the requests in this manner allows you to share the application with all members of the Office 365 group and the necessary Dataverse Security Role reducing the overhead required.

Provided below are the steps to complete this action:

1. Sign in to PowerApps
2. Select the Apps button on the left-hand pane
3. With the full listing of applications now present, highlight the row associated with the app in question
4. On the command, bar select to share or select the ellipses within the row provided, and from the dropdown click the share option.
5. Within the Share, window enter the Office 365 Group Name
6. Once the group has been entered and appears on screen select the associated Security Role for the group.

Additional Office 365 Groups Considerations from Microsoft:

• “All existing members of the security group will inherit the app permissions. New users joining the security group will inherit the security group permissions on the app. Users leaving the group will no longer have access through that group, but those users can continue to have access either by having permissions assigned to them directly or through membership in another security group.”
• “Every member of a security group has the same permissions for an app as the overall group does. However, you can specify greater permissions for one or more members of that group to allow them greater access. For example, you can give Security Group A permission to run an app. And then, you can also give User B, who belongs to that group, Co-owner permission. Every member of the security group can run the app, but only User B can edit it. If you give Security Group A Co-owner permission and User B permission to run the app, that user can still edit the app.”

When you first start out in Dataverse it appears that there is no easy way to bulk-delete records unless you come from a dynamics background. If you are like me and usually have dataflow bringing in thousands of items at a time, this can become burdensome. Following the video (Link) & steps below you can select the Entity/Table from the “Dynamics” side of the house and schedule a job to bulk delete specific sets of data or all data alleviating the need to create a flow or manually delete hundreds/thousands of records.

Steps:

To do this you will need to navigate to your environments Dynamics URL found under the upper right-hand corner, gear icon, select advanced settings and follow the steps outlined below. 

• Once this screen opens pick data management & then Bulk Record Deletion. 
• A window will appear notifying you of the things you are being asked to do in order to complete the process, select Next to proceed.
• Within the define search criteria window, you will select the Look For dropdown & locate the Entity/Table you would like to apply this cleanup to. In addition, you can add filtering logic, select to filter based on previously built View, or just proceed with the removal of all records. 
• Once you are satisfied with your selection select next which presents you with your schedule and notification options. Run Immediately, Run at a given date/time, or Run this job on a recurring schedule. Notify a given user(s) upon completion.
• With all your selections made proceed to click next and review your selections before pressing the submit button. 

This concludes the bulk delete process for an entity in CDS/Dataverse. This process can take a few seconds to a few hours depending on the volume of records you are removing.

Welcome back to the last part of our “Four Microsoft 365 network connectivity principles you need to know” blog series! Last time, we discussed the concept of enabling direct connectivity for Microsoft 365 connections

If you haven’t had a chance to check that blog post out yet, I encourage you to check it out here. In this blog, we’ll cover the last principle which involves modernizing security for software as a service (SaaS). Let’s talk about why this concept is so important!

Principle #4: Modernize Security for SaaS

Lately, Microsoft has found that many customers have been struggling with maintaining rich and consistent security protection around their software as a service (SaaS) applications. This can be for many different reasons but often involves the growing impact over the traditional network controls to the user experience. Traditional enterprise networks often enforce network security on Internet traffic by using technologies like proxies, SSL inspection, packet inspection, and data loss prevention systems. Although these technologies serve an important purpose in reducing risk for generic Internet requests, this can also have a negative impact on the performance, scalability, and quality of the end-user experience when these technologies are used on Microsoft 365 traffic. With all that being said, Microsoft recommends that you review your network security and risk reduction methods (specifically for Microsoft 365 bound traffic) and instead start using Microsoft 365 security features to reduce your organization’s reliance on intrusive network security technologies that may be impacting your Microsoft 365 traffic. Furthermore, Microsoft recommends that customers start moving away from the traditional network security inspection capabilities, and instead start to adopt the “Zero Trust” architecture. The Zero Trust architecture relies more on using security dimensions which have been natively built into the SaaS application already. This includes leveraging signals and capabilities on the user, identity, device, workload, and data aspects.

In the diagram below we see two different scenarios. The first one we see is the Network Perimeter Inspection which can still be very effective for things like browsing the Internet or accessing an application on the Internet but as mentioned earlier does have a negative impact on Microsoft 365 traffic. The line below that we have our zero trust architecture which has several different ‘lenses” that combine signals and provide the richest most meaningful security visibility and most optimal security outcomes.

When it comes to accessing our SaaS applications Microsoft recommends the Zero Trust model as this allows us to evaluate signals and achieve the security outcomes that are related to the application itself. With this principle comes the need to identify and differentiate different types of network connections as close to the source/user as possible.  Microsoft indicates that this is where the best value in security and user experiences can be achieved when different connections with different performance and security contexts are treated differently. By differentiating network connections closest to the user, this will provide the highest value for the most performance-sensitive apps (i.e. Microsoft 365). Even better for you, many SD-WAN platforms now have this capability and differentiation built-in natively so that you as the customer don’t have to do this manually and can still benefit from these outcomes as part of your SD-WAN adoption. That wraps up our final network connectivity principle! I hope you have found this helpful, and I encourage you to check back soon where I’ll be covering the different network connectivity testing tools at your disposal so you can start testing your network between your users and Microsoft 365!

Welcome back to part 3 of the “Four Microsoft 365 network connectivity principles you need to know” blog series! Last time we discussed the topic of local egress and how enabling local egress of Microsoft 365 data ensures the greatest chance of the traffic being routed through the closest Microsoft network point of presence in turn giving you the best performance. This time we’ll discuss the third principle, which involves direct connectivity.

Principle #3: Enabling Direct Connectivity

The third principle takes things to the next level. In addition to the local egress that we discussed in the last blog, this principle calls for direct connectivity specifically for Microsoft 365 connections. This means that the routing of Microsoft connections directly to Microsoft without any type of network intermediation. In the diagram below you’ll notice intermediation which is sending connections through a third-party intermediary such as a Security as a Service cloud (SECaaS)[1], on-premises solution, or gateway running in the Infrastructure as a Service (IaaS)[2] may have an impact on achievable performance, availability, interoperability, compared to direct connections [3]. With all that being said, direct connectivity allows for future advancements, and improvements of the Microsoft 365 cloud will automatically accrue to customers who are allowed to connect to Microsoft directly.

Image provided by Microsoft

As Microsoft continues to expand its POPs (Points of Presence) and advancements of the Service Front Door infrastructure, this will allow Microsoft to get closer and closer to user geographies. In turn, direct connectivity will ensure that these types of investments automatically accrue to these organizations which will reduce latency and improve the end-user experience. This suggests that this principle of direct connectivity makes the network “future-proof” and also allows the cloud benefits to accrue the end-user experience automatically. Microsoft even went so far as to prove this point by running a series of tests for end-users connecting to the Office 365 Serve Front Door and the latency each scenario experienced.  As you will see, those end-users with network topologies that have intermediation properties (i.e. IaaS [2] or SECaas[1]), experienced worse latency and performance characteristics than those connecting directly.

Image provided by Microsoft

You’ll also notice the dotted line at the 90% mark, this is because Microsoft uses the 90th percentile to measure the true user experience with many of the productivity services. You’ll see the vast difference between the direct connection architecture and the intermediate/indirect connection can be upwards of 100+ms which can be very impactful to the end-user experience. This summarized the third of our four principles of network connectivity in Microsoft 365. Check back shortly where we will cover the last principle which entails modernizing security for Software as a Service (Saas). This will involve avoiding intrusive network security for Microsoft 365 connections. More on that in the next blog!

Welcome back to our “Four Microsoft 365 network connectivity principles you need to know” blog series, it has been almost 2 months since the first article (sorry for the large gap), so if you haven’t had a chance to read the first blog, you can check it out here. Last time we talked about the first network connectivity principle which involved optimizing your network traffic. Once you’ve done your due diligence with the planning and optimization of your network traffic, you can start focusing on the second principle of enabling local Internet egress. 

Principle #2 – Enable Local Egress

This second principle calls for enabling local internet egress from the location(s) where you have users directly into Microsoft’s global backbone.

Image provided by Microsoft

This principle of local egress ensures that the requests from the most sensitive Microsoft 365 applications are not being backhauled across your private WAN but rather using your direct Internet connections to reach the destinations quicker. By using local egress, you maximize your chances that the connection is going to be routed through the closest Microsoft network POP (point-of-presence) for best performance. In addition, this principle also suggests that DNS egress for Microsoft 365 domains should be configured to egress locally, preferably through the proximate local DNS servers performing the recursive resolver (RR) functionality. This part of the principle is critical for traffic management decisions that the cloud makes by directing the user traffic to the closest set of front doors for best performance. 

Today, many traditional network architectures will have all outbound Internet connections traversing the corporate network through a central location.  With the new era of networking, Microsoft recommends adopting an Internet-facing network architecture as this is better optimized for supporting latency-sensitive cloud services (i.e. Teams, Exchange, SharePoint, OneDrive, etc.) Microsoft has done a lot of work in order to supply customers with the most optimal path to the cloud. How do they do this you may ask? Well, the Microsoft Global Network was designed in a way where they provide a Distributed Service Front Door infrastructure to customers, that consists of a dynamic fabric of global entry points which in turn routes incoming cloud service connections to the closest entry point. This results in lower latency due to the reduction in length of the “last mile” by shortening the route between the customer and the cloud. The diagram below depicts what the ideal architecture looks like for SaaS (Software-as-a-Service) applications. 

Image provided by Microsoft

In this diagram, you’ll notice that regardless of where you reside (whether it be in your head office, home office, hotel, or coffee shop), by egressing locally you ensure the shortest possible route to the nearest Microsoft Global Network entry point. Egressing locally also reduces the load on your corporate network infrastructure and you can even rest assured knowing that the connection on both ends is secure as this will be leveraging client endpoint security and cloud security features. This summarizes the second of four network connectivity principles for Microsoft 365. Next time, we’ll tackle the third principle of enabling direct connectivity, so I hope you’ll check back soon to learn more about that topic! 

If you’re thinking of going to the cloud, one of the first things you should be doing is looking at your network. After all, the corporate network is often the most massive bottleneck between you and the cloud. So what does your network infrastructure look like today? What should it look like if you’re going to the cloud? What changes need to be made? You should be asking yourself all of these questions so you can ensure you’re planning correctly. Luckily, Microsoft makes your job that much easier by providing four straightforward network connectivity principles that you should follow to ensure the best end-user experience across all Microsoft 365 services. We’ll define each of those principles in this article and start diving into the first principle now and have subsequent articles on the other principles. These four principles should give you the right tools so you can start planning on modernizing your network architecture and determine your readiness for Microsoft 365.

The four network connectivity principles to live by when moving your network to Microsoft 365 includes:

1. Optimize Network Traffic
2. Enable Local Egress
3. Enable Direct Connectivity
4. Modernize Security for SaaS (Software as a Service)

Principle #1 – Optimize Network Traffic

The first and most crucial principle boils down to optimization of your network traffic. The goal of this principle is to identify Microsoft 365 network traffic so you can differentiate between generic Internet-bound traffic and the traffic that should be optimized. To do this, you’ll need to use the Microsoft published endpoint categories to determine Microsoft 365 traffic from generic internet traffic for more efficient routing. Microsoft 365 created a set of definitions that focuses on network FQDN’s and IP address definitions for all primary Microsoft 365 services (Exchange Online, Skype for Business Online, Teams, SharePoint Online, etc.). Each of these definitions is delivered through a set of scalable REST APIs to automate the network settings for each customer. One of the unique things about these definitions is that Microsoft includes the priority-driven endpoint taxonomy allowing you, as the customer, to prioritize some of the most critical Microsoft 365 experiences and optimize the traffic accordingly. Microsoft has a plethora of partners that support the native integration of the API into their products, which allows you, as the customer, to recognize and configure appropriate Microsoft 365 treatment with just a few clicks of a button. If you are the network administrator for your organization, you’ll be happy to hear about this, as you won’t be required to manually consume this information. Instead, you can leverage one of the many partner solutions so you can automate this in your own environment and keep this up to date. In the past, Microsoft’s optimization guidance was divided into two different categories, required traffic and optional traffic. Since endpoints have been added to support new Microsoft 365 services and features, Microsoft has made some changes to this guidance. Now, Microsoft separates things into three categories, Optimize, Allow, and Default. This now allows for a priority-based pivot on where to focus network optimization efforts, so in turn, you can get the best performance improvements and return on investment. Let’s take a look at each of these categories in more detail:

• Optimize 
  • These endpoints are required connectivity to Microsoft 365 service and represent 75% of the Microsoft 365 bandwidth, connections, and volume of data. These endpoints are also the most sensitive to network performance, latency, and availability. These endpoints are hosted in a Microsoft datacenter, and you can expect the rate of change for these endpoints to be very scarce compared to the other two categories. The Optimize category includes ~10 critical URLs and a defined set of IP subnets that are dedicated to core Microsoft 365 workloads (as we mentioned earlier). For a full breakdown of what optimization methods this would include, you can check these methods out here.
• Allow
  • These endpoints are required for connectivity to Microsoft 365 services and features. However, these endpoints won’t be as sensitive to network performance or latency compared to our Optimize category. Also, the network footprint for these endpoints from a bandwidth and connection count standpoint will be much smaller. These endpoints are dedicated to Microsoft 365 micro-services and their dependencies, which include ~100 URLs. The Allow category also has a much higher change rate than those in the Optimize category, and not all endpoints will necessarily be associated with their own dedicated IP subnet.
• Default
  • These endpoints represent Microsoft 365 services and dependencies that do not require any type of optimization. Thus, these can be treated as regular Internet-bound traffic. Also, some of these endpoints in this category may not be hosted in Microsoft datacenters.

That sums up the first of our four network connectivity principles. As you can see, without proper optimization of your Microsoft 365 traffic, you won’t be able to give your end-users an optimal experience when it comes time for them to consume any of the Microsoft 365 services. This becomes even more important when you start introducing things like voice communication, as bad network optimization can lead to a bad end-user experience for those on phone calls or in meetings. However, rest assured after learning these principles, you’ll have a good starting point in tackling your move to the cloud! Tune in soon for the next blog on our second principle, enabling local egress!

Spend less time communicating, but be better informed by utilizing all the features available on Microsoft Teams. We started by planning a strong foundation for our communication in Part 1. Now we are working within those channels to gain four key Teams benefits.

Why make these changes?

Before we get into what, let’s remember the why.

The Teams benefits we are adding are:

1. Time saved for all members of the team
2. A place of reference for decisions made
3. Visibility for members on different workstreams or those accountable for the project by not involved day-to-day
4. Ability to have continuous conversations with people in all timezones

And for all of those reasons, we are going to…

Get Information Out of Chat & Post Everything

Creating posts in Teams channels will change communication for your group. Chats cannot be the default for communication within a formal group or initiative. Instead, have a dialogue going within your channels. This change is the basis for these added benefits. Let’s dive into the opportunities to do this & why.

Start conversations in Teams

Always start conversations with a post in a channel where team members can be made aware and start to collaborate on the topic. When creating the post, utilize the governance established in Part 1. Use a heading, and tag appropriately. Do you need a response from a specific individual, or is the topic informative?

In my example below, I tag the “General” channel because I don’t need a response from a specific individual, and my group doesn’t have a channel specified for this topic (yet!). Always add a heading so people can know what the topic is right away.

Ask Questions

Ask your questions in Teams posts! This is a hard task because our human nature makes us hesitant to reveal we don’t know all the answers. Get away from that by creating a space team members want to ask questions because they’ll save time. We can do that by posting questions to start, even if you know they may not get resolved on Teams. For the issues which can, meetings can be avoided by handling the whole discussion via Teams comments on that post. If it is not, the nature of the post will determine how to escalate to the appropriate communication level.

Connecting 1:1

If only one or two people have gone back and forth on the topic, creating the post revealed only two people are needed to create a proposed solution to bring to the group. Connecting two people 1:1 for a phone call saves everyone else’s time upfront by removing a meeting for which two individuals can resolve and post their outcome.

Give the Meeting a Head Start

If the group is not able to make headway in Teams comments or with 1:1 collaboration, then escalate to meeting with those which have commented. The benefits of escalating in this way include the ability to identify the must-haves for the conversation so that when the time is blocked off on the calendar, it only has to happen once. It is an easy transition because the purpose of the meeting is right there on Teams, and the participants of the meeting are already aware of the topic.

Post All Outcomes and Decisions

Post the outcome of all calls. This is a critical piece of saving time! Skipping this step would result is a breakdown in communication and will take you twice as long to resolve in a couple weeks. This enables other team members to be informed without everyone investing the time to create the solution.

Continuing to post outcomes over time creates a source of truth for all past decisions. Then, members can utilize search to refer back to any decisions made, depending on your tenant’s retention policies. Consider creating a wiki for major decisions or outcomes if unsure of the retention policy on your own Team’s posts.

Create visibility

Posting becomes increasingly important if your group does not have the same working hours or is not co-located. No team members would duplicate work or not be aware of a decision made, even if they miss a call, because everything is in the channel. Adding sponsors (which are accountable but not involved within the team can be even more helpful because they’re able to find the information they need without a team member having to communicate it to them, taking away time from the initiative.

Try it out!

The way to create the best fit for the team is to talk through this with everyone. First, have the whole team read through this blog. Then, reserve time to work through these expectations together. After that, your team will be on the way to having more impactful communication, being a more productive team overall, and increasing Microsoft Teams benefits for your company. 

View Microsoft’s commentary on Teams adoption here, and hear them echo these key points. Read more of our blogs on Microsoft here!

Microsoft is going all-in on Teams, and it’s time your company reaps the benefits! So much is being left on the table, and more potential is waiting to be released. This blog series lays out the secrets to upgrade your team’s usage of MSFT Teams. Taking these steps will transform the tool from “just another chat avenue” to the foundation of work at your company.  

The first step is creating the Teams instance! Create Teams around an organization structure, project, or initiative. All three of those are appropriate and can apply to the rest of the blog series. Choose one that applies to you and use that for the rest of the steps. The remainder of our first discussion is how to set up that Teams instance for success.  

Create a structure 

We want to mirror the structure of how work is done in our Teams instance. This allows us to best plan how communication will happen within. A great way to conceptualize a team is by identifying who is responsible, accountable, informed and consulted (RACI) for all requirements the group has to the business. The goal is to identify high-level buckets the work falls into in order to create the most intuitive structure. 

Identify the Workstreams

Start by reflecting upon the different buckets of work for the group. We want to organize our communications, files, and meetings around those groups – they will become our channels. The forethought of how to organize communication is critical. This process is the equivalent of laying a strong foundation of a house. Investing the time in how to manage your communication upfront will save pain and more time later when working to catch teammates up, communicate decisions, or sending emails.  

 Example: Creating Channels 

This is not each person has their own channel. The goal is #collaboration. Try to organize by the main efforts or aspects of the team or project. If you have trouble identifying what these groups should be, think about how your team talks about the work. For example, let’s say you’re on a development project. Do you usually start with technical architecture? Then transition to communicating those technical aspects? And, lastly how to report on the progress toward the overall goal? In that case, we would start with the following channel structure. Rest assured, the structure should adjust as time goes on and your organization changes. See the following examples of what would go into those channels. 

1. Technical – “I ran into this error when trying to implement what we talked about on our standup. I’ve tried one thing and then another. Any other ideas?”
2. OCM – “Can the team review this write up of the changes end users can expect in our next release?”
3. Project Management – “Our status report is due end of the week. Could everyone add updates by end of day?”

The default General channel cannot be deleted. Use this channel if none of the topics doesn’t fit any others. If there is an active topic in the General channel, consider promoting to a dedicated channel.

Decide who needs to follow what & how to tag 

Once you have identified the channels the team is going to utilize, delete the others which may have been created. The goal of this planning is to take all randomness out of communication and plan how the team members will communicate. This will save people’s time when choosing how to communicate something and who need to receive it. If communications are always put in a certain spot, the benefit of using Microsoft Teams increases substantially because communications can be referenced and relied upon. In order to completely take out the randomness, talk through and set the following for your team.

An owner for each channel 

These people (ideally 2) are responsible for regulating the posts in their channel and making sure everything that gets posted there is resolved. The benefits of having channel owners are preventing ideas or questions from falling through the cracks, and having the guidelines set up reinforced so communication is planned. 

How to use tagging 

Let the team decide how they want to use tagging. The method my team found works best is if a response or specific action is needed, the specific teammate must be tagged. Otherwise, use channel tagging for informational posts that don’t require specific action.  The benefit of this is all teammates understand how to ask for what they need. 

Which channels members need to follow 

Have a conversation on who needs to follow which channels. This combats the pain point for Teams creating too many notifications & creating a lot of noise. Go through and determine specific channels members need to follow. This prevents teammates from missing important questions. The benefit is channel tags can be utilized, but are not limiting. That is because teammates should use direct tagging in channels to ask pointed questions. When going through this exercise, think about the “FYI” messages. In other words, decide which members need to stay informed on specific workstreams. If you are a smaller team, you may decide to skip this step for the time being.  

Try it out!

The way to create the best fit for the team is to work through this exercise with everyone. First, have the whole team go through this blog beforehand. Then, reserve some time to work through these exercises together. After that, your team will be on the way to having the foundations for more impactful communication, being a more productive team overall, and increasing Microsoft Teams’ benefits for your company. In part 2, we discuss best practices within channels to unlock even more benefits. 

Read more of our blogs on Microsoft here!