This series of blog posts includes the most important announcements and major updates regarding Azure infrastructure as a service (IaaS) and Azure Stack, officialized by Microsoft in the last two weeks.
Azure
Storage
Advanced threat protection for Azure Storage
The preview of extending advanced threat protection for Azure Storage is available to support Azure Files and Azure Data Lake Storage Gen2 API, helping customers to protect their data stored in file shares and data stores designed for enterprise big data analytics. With this release, Azure Files customers can benefit from the following capabilities of advanced threat protection for Azure Storage:
- World-class algorithms that learn, profile, and detect unusual or suspicious activity in your file shares
- Actionable alerts in a centralized view in Azure Security Center with optional email notifications
- Integration with Azure Sentinel for efficient threat investigation
- Azure-native support for Azure Files with one click enablement from the Azure portal and with no need to modify your application code
Allow or disallow blob public access on Azure Storage accounts
Azure Storage now supports anonymous public read access for containers and blobs. By default, all requests to a container and its blobs must be authorized by using either Azure Active Directory (Azure AD) or shared key authorization. When you configure a container’s public access level setting to permit anonymous access, clients can read data in that container without authorizing the request. Anonymous public read access to containers and blobs in Azure Storage is a convenient way to share data, but may also present a security risk. It’s important to enable anonymous access judiciously and to understand how to evaluate anonymous access to your data. If your scenario does not require it, you can disable it for the storage account.
Azure Blob versioning public preview region expansion
Azure Blob Versioning automatically maintains previous versions of an object and identifies them with version IDs. You can list both the current blob and previous versions using version ID timestamps. You can also access and restore previous versions as the most recent version of your data if it was erroneously modified or deleted by an application or other users. Microsoft has expanded the preview regions to include East US 2, Central US, West Europe, and North Europe. You can start previewing this feature on any existing or new General-purpose (GPv2) storage accounts in those regions.
Azure shared disks general availability
With shared disks, Azure Disk Storage is the only shared block storage in the cloud that supports both Windows and Linux-based clustered or high-availability applications. This unique offering allows a single disk to be simultaneously attached and used from multiple virtual machines (VMs), enabling you to run your most demanding enterprise applications in the cloud, such as clustered databases, parallel file systems, persistent containers, and machine learning applications, without compromising on well-known deployment patterns for fast failover and high availability.
Improved availability guarantees with single VM SLA for Standard SSD and Standard HDD
To strengthen the availability guarantee of VMs, Microsoft is extending the single-instance VM SLA to all disk types including Standard SSD and Standard HDD. Previously, it offered an SLA of 99.9 percent for single-instance VMs using Premium SSD and Ultra Disks. Now it offer an SLA of 99.5 percent for single-instance VMs using Standard SSD and an SLA of 95 percent for single-instance VMs using Standard HDD, improving the availability guarantee to cover all single-instance VMs.
Azure Disk Storage with Azure Private Link integration is in preview
For enhanced security, you can now restrict access to your data by only allowing import and export from your private Azure virtual network by leveraging the integration with Azure Private Link.
Performance tiers for Azure Disk Storage are in limited preview
Azure Disk Storage now enables you to set performance tiers (in limited preview) of your Premium SSD for a specific duration of time without increasing the capacity of the disk. Performance tiers provide the flexibility to achieve higher performance while controlling costs. This helps to sustain high-performance demands. Your provisioned disk is first set to a baseline performance tier based on its size. When your application has higher performance demands, choose a higher performance tier, then return your provisioned disk to the baseline performance tier when the high-demand period is over.
Networking
Azure Virtual WAN: install network virtual appliances directly into an hub
Several new capabilities for Azure Virtual WAN are now in preview, including the option to install network virtual appliances directly into a virtual WAN hub as an option for SD-WAN connectivity. Microsoft is currently partnering with Barracuda, to be followed by other third-party network virtual appliance partners, to provide this service. This allows you to leverage your vendor’s proprietary path selection and policy management capabilities with Azure infrastructure and virtual WAN routing capabilities.
Azure Application Gateway: URL rewrite and wildcard listener in preview
URL rewrite and wildcard host names in listener for Azure Application Gateway are now available in preview.
Use the URL rewrite capability in Application Gateway to:
- Rewrite the host name, path, and query string of the request URL.
- Choose to rewrite the URLs of all requests on a listener or only those requests thta match one or more of the conditions you set. These conditions are based on the request and response properties.
- Choose to route the request (select the backend pool) based on either the original URL or the rewritten URL.
Use wildcard host names in listener to:
- Use wildcard characters like asterisk (*) and question mark (?) in the host name, which can accept any incoming request with the host header matching the pattern.
- Configure up to five host names per multisite listener using the new hostnames field.
Azure Stack
New Azure Stack HCI Preview
Microsoft just announced the new Azure Stack HCI, delivered as an Azure hybrid service, at Microsoft Inspire 2020. Azure Stack HCI Preview is a hyperconverged infrastructure host from Microsoft, now delivered as an Azure hybrid service. Run Windows and Linux virtual machines on-premises on a host platform that’s IT friendly and managed by you with existing tools, processes, and skillsets. Easily extend your infrastructure with up-to-date Azure hybrid services for monitoring at scale.