Azure IaaS and Azure Stack: announcements and updates (April 2019 – Weeks: 13 and 14)

This series of blog posts includes the most important announcements and major updates regarding Azure infrastructure as a service (IaaS) and Azure Stack, officialized by Microsoft in the last two weeks.

Azure

Azure Front Door Service is generally available

Azure Front Door Service (AFD) is a scalable and secure entry point for fast delivery of your global applications. AFD is a solution for your global website/application and provides:

  • Application and API acceleration with anycast and using Microsoft’s massive private global network to directly connect to your Azure deployed backends means your app runs with lower latency and higher throughput to your end users.
  • Global HTTP load balancing enables you to build your application resiliently across regions, fail-over instantly and offer your users an “always-on” web site availability experience either at a domain or microservice (URL path) level. 
  • SSL offload at a massive scale enables you to maintain security and scale to a rapidly growing or expanding user base, all while reducing latency.
  • WAF @ Edge offering application security against DDoS attacks or malicious users at the edge providing protection at scale without sacrificing on performance.

ExpressRoute Direct is generally available 

ExpressRoute Direct provides 100 Gbps connectivity. It is the first service of its scale in public cloud and focuses on core scenarios around large data-ingestion, R&D, media services, graphics and the like.

ExpressRoute Global Reach is generally available

ExpressRoute Global Reach extends the use of ExpressRoute from on-premises or from your corporate datacenter to Azure, to now also provide connectivity between on-premises sites, using the Microsoft Global network.

Azure Premium Block Blob Storage is generally available

Premium Blob Storage is a new performance tier in Azure Blob Storage for block blobs and append blobs, complimenting the existing Hot, Cool, and Archive access tiers. Premium Blob Storage provides lower and more consistent storage latency, providing low and consistent storage response times for both read and write operations across a range of object sizes, and is especially good at handling smaller blob sizes. Premium Blob Storage is ideal for workloads that require very fast response times and/or high transactions rates, such as IoT, Telemetry, AI, and scenarios with humans in the loop such as interactive video editing, web content, online transactions, and more.

New Azure Disks SKU

All existing Azure Managed Disk offerings (Premium SSD, Standard SSD and Standard HDD) will now feature 8, 16 and 32 TiB disk sizes. In addition, are supported disk sizes up to 64 TiB on Ultra Disks in preview. The performance scale targets for Premium SSD are increased to 20,000 IOPS and 900 MB/sec. Also, Standard SSD performance will now reach up to 6,000 IOPS and 750MBps and Standard HDD to 2000 IOPS and 500MBps .

Advanced Threat Protection for Azure Storage
Advanced Threat Protection for Azure Storage is available. It provides an additional layer of security intelligence that detects unusual and potentially harmful attempts to access or exploit storage accounts.

Azure Blob Storage lifecycle management

General availability of Blob Storage lifecycle management so that you can automate blob tiering and retention with custom defined rules. Azure Blob Storage lifecycle management offers a rich, rule-based policy which you can use to transition your data to the best access tier and to expire data at the end of its lifecycle. This feature is available in all Azure public regions.

Azure Firewall in Government Cloud

Azure Firewall Service is now generally available in Government Cloud. Specific regions and limitations can be found here.

New B-series VM size

A new B-series VM size, B1ls, which has the smallest memory and lowest cost among Azure VM instances is available. B1ls has 512 MiB of memory and 1 vCPU.  This offering is in response to customers who were looking for entry-level offerings. B1ls is available only on Linux for the best customer experience. Windows is not supported because the minimum recommended memory for the Windows OS is larger than what B1ls offers. B1ls is best for small web servers, small databases, and development and test environments. It offers a cost-effective way to deploy workloads that don’t need the full performance of the CPU continuously and burst in their performance.

New capabilities in Azure Security Center

Microsoft Azure Security Center has released new capabilities:

  • Advanced Threat Protection for Azure Storage. Layer of protection that helps customers detect and respond to potential threats on their storage account as they occur—without having to be an expert in security.
  • Regulatory compliance dashboard. Helps Security Center customers streamline their compliance process by providing insight into their compliance posture for a set of supported standards and regulations.
  • Support for Virtual Machine Scale Sets (VMSS). Easily monitor the security posture of your VMSS with security recommendations.
  • Dedicated Hardware Security Module (HSM) service, now available in U.K., Canada, and Australia. Provides cryptographic key storage in Azure and meets the most stringent customer security and compliance requirements.
  • Azure disk encryption support for VMSS. Now Azure disk encryption can be enabled for Windows and Linux VMSS in Azure public regions—enabling customers to help protect and safeguard the VMSS data at rest using industry standard encryption technology.

New Regions for Azure File Sync

Azure File Sync is available in Korea Central and Korea South. To get the latest list of supported regions, see this document.

New Regions for Traffic Analytics

Traffic Analytics is now available in East Asia, Japan West, France Central and Korea Central.

Update rollup for Azure File Sync Agent: April 2019

An update rollup for the Azure File Sync agent was released.

Improvements and issues that are fixed:

  • Reliability improvements for offline data transfer and data transfer resume features.
  • Sync telemetry improvements.

More information about this update rollup:

  • This update is available for Windows Server 2012 R2, Windows Server 2016 and Windows Server 2019 installations that have Azure File Sync agent version 4.0.1.0 or later installed.
  • The agent version of this update rollup is 5.2.0.0.
  • A restart may be required if files are in use during the update rollup installation.
  • Installation instructions are documented in KB4481061.

 

Azure Stack

Azure Stack HCI

Microsoft announced Azure Stack HCI solutions for customers who want to run virtualized applications on modern hyperconverged infrastructure (HCI) to lower costs and improve performance. Azure Stack HCI solutions feature the same software-defined compute, storage, and networking software as Azure Stack, and can integrate with Azure for hybrid capabilities such as cloud-based backup, site recovery, monitoring, and more.

With Azure Stack, you can run Azure IaaS and PaaS services on-premises to consistently build and run cloud applications anywhere.

Azure Stack HCI is a better solution to run virtualized workloads in a familiar way – but with hyperconverged efficiency – and connect to Azure for hybrid scenarios such as cloud backup, cloud-based monitoring, etc.