This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Local, as officially released by Microsoft in the past two weeks.

Azure

Compute

6th Generation Intel-Based VMs – Dv6/Ev6 Now Generally Available

Azure has announced the general availability of the Dv6 and Ev6 series Virtual Machines (VMs), powered by the 5th Gen Intel® Xeon® Platinum 8537C (Emerald Rapids) processor. These new Intel-based VMs offer three different memory-to-core ratios and come in 84 different sizes, ranging from 2 to 192 vCPUs with up to 1.8TB of memory. Customers can choose options with or without local SSDs across the new VM families, including:

• General Purpose: Dsv6, Dlsv6, Ddvs6, and Dldsv6 series.
• Memory Optimized: Esv6 and Edsv6 series, with constrained core variants for high data throughput workloads.

These next-generation VMs deliver:

• Up to 27% higher vCPU performance and 3x larger L3 cache compared to previous Intel-based Dl/D/Ev5 VMs.
• Azure Boost capabilities, including:
  • Up to 400K IOPS and 12 GB/s remote storage throughput.
  • Up to 200 Gbps VM network bandwidth.
  • 46% larger local SSD capacity with 3x read IOPS.
  • NVMe interface for local and remote disks.
• Enhanced security through Total Memory Encryption (TME) technology.

These improvements significantly extend Intel-based VM performance in Azure, providing customers with high-throughput, high-memory, and high-security computing options. The new Dv6/Ev6 VMs are now available in multiple regions across North America, Europe, and Asia, with further expansion planned.

Upgrade Existing Azure Gen1 VMs to Gen2-Trusted Launch (preview)

Azure has introduced public preview support for upgrading existing Azure Generation 1 VMs to Generation 2-Trusted Launch, improving security without requiring full VM redeployment.

Trusted Launch VMs enhance security by enabling:

• Secure Boot: Protects against rootkits and bootkits.
• Virtual Trusted Platform Module (vTPM): Strengthens OS integrity and enables attestation by measuring the VM’s boot chain.

This upgrade option provides foundational compute security for existing workloads, allowing organizations to strengthen their virtual infrastructure without disrupting operations.

Networking

New Pricing for Azure Virtual Network Manager Now Generally Available

Azure has introduced new pricing for Azure Virtual Network Manager (AVNM), a centralized network management service that enables users to manage virtual network connectivity, security, and routing at scale.

Starting February 11, 2025, all newly created Azure Virtual Network Manager instances will be charged based on the number of virtual networks where an active AVNM configuration is deployed. This replaces the previous subscription-based pricing model. Charges will only apply when using configuration features such as:

• Connectivity
• Security Admin
• Routing

This new virtual network-based pricing aligns costs more closely with actual usage, providing greater flexibility for a broader range of customers.

Transition for Existing AVNM Instances:

• Existing Azure Virtual Network Manager instances can opt-in to the new pricing model.
• No automatic changes will be applied to existing AVNM instances before February 2028, allowing businesses to maintain their current billing structure until then.

This pricing adjustment ensures a more scalable and cost-effective approach for organizations managing large virtual network infrastructures in Azure.

Fallback to Internet on Private DNS Zones Now Generally Available

Azure has introduced Fallback to Internet on Private DNS Zones, a new feature that simplifies network isolation and enhances Private Link and Private DNS adoption. This fully managed solution eliminates the need for IaaS-based DNS servers, providing seamless public DNS resolution when a Private DNS Zone returns an authoritative NXDOMAIN response.

Key Benefits:

• Automatic Public DNS Recursion: When an authoritative NXDOMAIN response is received, Azure’s recursive resolver fleet provides public DNS resolution.
• Fully Managed Native Solution: No need to deploy and maintain IaaS-based DNS servers.
• Simplified Private Link Integration: Enhances usability and adoption of Private Link and Private DNS configurations.
• Configurable via API, CLI, and PowerShell: The feature is already available, with Azure Portal support rolling out in the next two weeks.

This resolution policy is enabled at the Virtual Network Link level. In the Azure Portal, users can enable this feature by selecting “Enable fallback to internet” in the virtual network link configuration.

With this enhancement, Azure provides a more flexible and efficient DNS resolution experience for customers implementing private networking solutions.

Azure Firewall Updates – Increased IP Group Limits Now Generally Available

Azure has doubled the IP Group limit in Azure Firewall policies, increasing the maximum from 100 to 200 per policy.

Key Benefits:

• Better Policy Organization: Allows management of more IP addresses within a single firewall policy.
• Greater Flexibility: Optimizes configurations for complex network security needs.

This enhancement improves scalability and efficiency in managing large-scale network security policies, providing greater flexibility for enterprises using Azure Firewall.

Azure Firewall Updates – BYOIP Support for Secured Virtual Hubs (Preview)

Azure Firewall now supports Customer Provided Public IP (BYOIP) for Secured Virtual Hub deployments, allowing administrators to assign and manage customer-managed public IPs for new firewall instances.

Key Benefits

• Full Control: Customers can own and manage the lifecycle of their firewall’s public IPs.
• Enhanced Security: Enables DDoS mitigation for better protection against cyber threats.
• IP Address Flexibility: Public IPs can be allocated from an IP prefix pool, offering more control over network configurations.

This update enhances security, flexibility, and manageability for customers leveraging Azure Firewall in Secured Virtual Hubs.

Storage

Azure File Sync v20 Agent Now Available

The Azure File Sync v20 agent is now flighting and available on the Microsoft Update Catalog. Servers configured for automatic updates will receive the latest version when available.

Managed Identities Preview Enhancements

Azure File Sync support for managed identities (preview) was first announced in November 2024. Since then, Microsoft has introduced the following improvements:

• Portal Integration:
  • You can now configure Azure File Sync with managed identities via the Azure Portal.
  • This feature will be gradually enabled across all regions in the next few weeks.
• Storage Account Security Improvements:
  • The following settings on your storage account are no longer required and can now be disabled:
    • Allow storage account key access
    • Allow Azure services on the trusted services list to access this storage account

These updates enhance security and simplify management by enabling a more secure, identity-based authentication approach for Azure File Sync deployments.

Modern Version of the Azure Storage Data Movement Library Now Generally Available

The modern version of the Azure Storage Data Movement Library has reached General Availability, delivering a streamlined and efficient data transfer experience for Azure Blob and Azure File Storage users.

This update introduces enhanced capabilities, including:

• Progress Tracking: Monitor real-time transfer status.
• Pause and Resume: Gain flexibility in managing data transfers.
• Checkpointing: Resume transfers from the last saved state in case of interruptions.

Additionally, the library now shares infrastructure with the modern v12 Azure Storage libraries, improving integration with Azure Identity packages to align with modern security standards. These improvements simplify and enhance data movement in Azure.

Azure Premium SSD v2 Disk Storage and Azure Ultra Disk Storage Now Available in New Zealand North

Azure Premium SSD v2 Disk Storage and Azure Ultra Disk Storage are now generally available in the New Zealand North region, enhancing Azure’s global storage capabilities. Premium SSD v2 delivers sub-millisecond latencies for IO-intensive workloads at a low cost, offering the best price-performance ratio for general-purpose block storage. Optimized for demanding workloads like SQL Server, Oracle, SAP, big data analytics, and gaming, it ensures high performance, enterprise readiness, and cost efficiency. For regions where Premium SSD v2 is unavailable, Microsoft provides a survey for customers to express interest. Additionally, Azure Ultra Disk Storage, now available in the same region, offers high throughput, high IOPS, and consistently low latency, further empowering enterprises with scalable and performant storage solutions.

Conclusion

Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.

Please follow and like us: