Archivi categoria: Azure Storage

Azure IaaS and Azure Stack: announcements and updates (March 2024 – Weeks: 09 and 10)

This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks.

Azure

General

Retirement of Cloud Services (classic) Deployment Model

Azure has announced the retirement of the Cloud Services (classic) deployment model on August 31, 2024. Users are encouraged to migrate their services to Cloud Services (extended support) within Azure Resource Manager before this date to avoid service disruption. This transition enables access to new capabilities such as deployment templates, role-based access control, and regional resiliency.

Change Actor in Azure Resource Graph (preview)

Azure introduces the public preview of Change Actor in Azure Resource Graph, a tool that enhances audit, troubleshooting, and governance capabilities. This feature allows users to identify who made changes to resources, the client used for the change, and the operation called. By integrating Change Actor functionality, Azure offers improved visibility and control over resource changes, facilitating better management across tenants and subscriptions.

Compute

New Generation AMD VMs – Dasv6/Easv6/Fasv6 (preview)

Azure announces the public preview of the new generation AMD-based VMs, leveraging the 4th Generation AMD EPYC™ 9004 (Genoa) CPU. These VMs, available in Dasv6, Easv6, and Fasv6 series, offer enhanced performance and reliability. They support various memory to core ratios, catering to general-purpose, memory-optimized, and compute-optimized needs. Equipped with Azure Boost and NVMe interfaces, these VMs promise up to 80% better remote storage performance, faster local storage speeds, and improved networking bandwidth. Initially available in the East US 2 region, these VMs represent a significant expansion in Azure’s AMD VM offerings.

Networking

Azure Route Server Now Available in ItalyNorth Azure Region

Azure Route Server has been introduced to the ItalyNorth Azure Region, offering simplified dynamic routing between network virtual appliances (NVAs) and Azure virtual networks. This service facilitates the direct exchange of routing information via the Border Gateway Protocol (BGP) without the manual configuration of route tables. Azure Route Server, as a fully managed service, ensures high availability and seamless integration with the Azure Software Defined Network (SDN), enhancing network management and efficiency.

Azure Virtual Network Encryption Expanded to Additional Regions

Azure has extended its Virtual Network encryption feature to additional regions, including West US, East US, Europe, and more. This enhancement allows for the encryption of traffic within the same virtual network and across peered networks, bolstering security for data in transit. The expansion of this feature underscores Azure’s commitment to providing robust security options for its users.

Application Gateway for Containers

Microsoft Azure has announced the general availability of Application Gateway for Containers, marking a significant evolution in application load balancing technology. This service enhances the capabilities of the traditional Application Gateway and its Ingress Controller by offering advanced layer 7 load balancing and dynamic traffic management for Kubernetes workloads. With features like Custom Health Probes, URL Redirect, and URL/Header Rewrite, the service ensures near-to-real-time updates in response to changes within the Kubernetes environment. The general availability version also introduces Controller High Availability, Gateway API v1 integration, additional regional availability, and a service level agreement (SLA) to support production workloads confidently.

Azure Application Gateway introduces support for TLS and TCP protocols (preview)

Azure Application Gateway expands its functionality by introducing support for TLS and TCP protocols in public preview. This enhancement allows for the utilization of Application Gateway in non-HTTP applications, catering to protocols such as SQL, MQTT, and AMQP. It facilitates the use of custom domains with Application Gateway’s TLS certificate management, ensuring secure connections for clients and access to any backend service. Moreover, this feature provides a unified endpoint for client access, as a single Application Gateway resource can now support both Layer 7 (HTTP/S) and Layer 4 (TCP and TLS) protocols. Available for Standard V2 and Web Application Firewall V2 SKUs, this update broadens the scope of Application Gateway’s capabilities.

Internet inbound for Network Virtual Appliances in Virtual WAN Hubs (preview)

The introduction of Internet inbound (Destination NAT) for Next-Generation Firewall Network Virtual Appliances (NVAs) in Virtual WAN hubs is now in public preview. This feature enables network administrators to publish applications to a wider internet audience without directly exposing the application or server’s public IP. Instead, users access applications through a public IP address assigned to a Firewall NVA, which is configured to filter, translate, and control access to backend applications. With the ability to associate public IP addresses to Firewall NVAs deployed in Virtual WAN Hubs and utilize NVA management and orchestration software, Virtual WAN customers can now seamlessly program both the Virtual WAN infrastructure and the NVAs to accept and forward inbound traffic, enhancing security and accessibility.

Storage

Azure File Sync Agent v17.2 Release

The Azure File Sync Agent v17.2 has been officially released, consolidating improvements and fixes from its predecessors, versions 17.0 and 17.1. This update is crucial for users with the Azure File Sync agent version 16 or below, as both versions 16.2 and 17.2 are now available for update. This version marks the final planned release for Windows Server 2012 R2, with support for this server ending on March 4th, 2025. The agent is compatible with Windows Server 2012 R2, 2016, 2019, and 2022, providing enhanced functionality and stability.

Azure Blob Storage Cold Tier SLA

As of August 10th, 2023, Azure Blob Storage Cold Tier is generally available, providing a cost-effective solution for long-term storage of infrequently accessed data. The service level agreement (SLA) for Azure Blob Storage now includes this new online access tier, ensuring Microsoft’s commitment to uptime and connectivity.

Encryption at Host for Premium SSD v2 and Ultra Disks Expanded

Encryption at host for Premium SSD v2 and Ultra Disks is now generally available in additional regions including Canada East, West Europe, South Central US, and West US 3. This feature enhances security by starting encryption at the VM host level, ensuring data is encrypted at rest and in transit to the Storage service. The expansion of this feature demonstrates Azure’s ongoing commitment to providing secure and reliable cloud storage options.

Azure NetApp Files Volume Enhancement (preview)

Azure NetApp Files introduces a significant enhancement in public preview, allowing volumes in different availability zones within the same region to share the same volume mount path. This feature supports highly available architectures through cross-zone replication, simplifying automation and minimizing manual intervention during disaster recovery failovers. It is applicable to SMB, NFS, and dual-protocol volumes, facilitating improved recovery times and data availability across various scenarios, including host-based replication and test/dev environments.

Conclusion

Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.

Azure IaaS and Azure Stack: announcements and updates (February 2024 – Weeks: 07 and 08)

This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks.

Azure

General

Windows Admin Center for Azure Virtual Machines

The Windows Admin Center for Azure Virtual Machines marks a significant step forward in cloud management by integrating directly into the Azure Portal. This tool is engineered to streamline the administration of Windows Server Operating Systems for Azure Virtual Machines. By facilitating in-browser RDP and PowerShell sessions, managing files, viewing events, and monitoring performance, it significantly reduces the necessity for remote desktop connections. A standout feature is its integration with Azure Active Directory for single sign-on capabilities, offering a cohesive identity experience across Azure services. This innovation not only simplifies virtual machine deployment and maintenance but also enhances security by minimizing dependence on local administrator accounts.

Compute

NVv5 Series VMs Now Available in Italy North Azure Region

Azure’s NVv5 Series Virtual Machines, equipped with NVIDIA A10 GPUs and AMD EPYC 74F3V CPUs, are now accessible in the Italy North region. These VMs cater to the needs of high-performance computing and graphics-intensive applications, offering a blend of powerful computational resources and graphical processing capabilities. This expansion into the Italy North region underscores Azure’s commitment to providing geographically diverse options for compute-intensive workloads.

Trusted Launch for Azure VMs in China Regions

Microsoft is proud to announce the general availability of Trusted Launch for Azure virtual machines in all Azure regions across China, encompassing China East, China East 2, China East 3, China North, China North 2, and China North 3. This major update introduces a strengthened security framework for Azure Virtual Machines. Trusted Launch enhances foundational VM security by guaranteeing booting to a defined and trusted state, a crucial step in combating sophisticated malware threats, including boot kits and rootkits, by offering kernel-mode level security on par with the operating system.

Furthermore, Trusted Launch activates Credential Guard, a significant security measure that protects user passwords and derived domain credentials via secure boot, virtualization-based security, and vTPM, which are critical for domain controllers. This feature also provides ongoing insights into the health state and boot chain integrity of virtual machines, along with remediation pathways for attestation failures through Microsoft Defender for Cloud.

Especially for Windows 11 virtual machines, Trusted Launch bolsters defense mechanisms against lower layer malware through the support of UEFI, secure boot, and vTPM. This comprehensive security enhancement ensures a more secure and reliable environment for Azure VMs, marking a significant advancement in cloud security measures tailored to meet the evolving threats in the digital landscape.

Networking

Azure Firewall Enhancements: Flow Trace Logs and Autoscaling

Azure Firewall’s new enhancements, including Flow Trace Logs and autoscaling based on the number of connections, provide granular insights and improved scalability. Flow Trace Logs offer detailed visibility into TCP handshake logs, aiding in troubleshooting packet drops and route asymmetry. The autoscaling feature now adjusts firewall resources based on traffic connection counts, alongside throughput and CPU usage, enabling a more responsive and efficient firewall performance.

Parallel IP Group Update Support for Azure Firewall

The introduction of Parallel IP Group update support in public preview marks a significant improvement in Azure Firewall’s configuration management. This feature allows for the simultaneous update of up to 20 IP Groups within a Firewall Policy, streamlining administrative tasks and enabling faster, more scalable changes. This update is particularly beneficial for administrators utilizing dev ops methodologies for configuration changes, enhancing efficiency and agility in firewall management.

Storage

Azure Elastic SAN (General Availability)

Azure Elastic SAN’s transition to general availability signifies a milestone in cloud storage solutions, offering a fully-managed, cloud-native SAN experience. This service is designed for seamless migration of extensive SAN environments to Azure, simplifying the deployment, scaling, management, and configuration of storage area networks in the cloud. It introduces a SAN-like resource hierarchy and provisions resources at the appliance level, dynamically allocating these to accommodate various workloads, including databases, VDIs, and business applications. The integration of Azure Monitor Metrics and Azure Policy aids in managing performance and preventing misconfigurations, respectively, merging the efficiency of traditional SAN systems with the flexibility and scalability of cloud storage.

Azure File Sync Agent Releases: v17.1 and v16.2 (Security Only Updates)

The release of Azure File Sync agent versions 17.1 and 16.2 as security-only updates addresses a critical vulnerability (CVE-2024-21397) that previously allowed unauthorized file creation. These updates underscore Azure’s commitment to security, providing essential patches for Windows Server installations ranging from version 2012 R2 to 2022. Detailed installation instructions are provided (KB5023054 and KB5023052), ensuring users can securely synchronize files across their environments.

Azure Blob Storage Cold Tier: Enhanced Support for Change Feed and Object Replication

The general availability of Azure Blob Storage Cold Tier’s support for Change Feed and Object Replication introduces significant enhancements for data storage and management. This feature enables the capturing of changes to blobs and their metadata within the cold tier, facilitating efficient data replication and access. It represents Azure’s ongoing efforts to provide cost-effective, flexible storage solutions for infrequently accessed data with long-term retention requirements.

Zone Redundant Storage (ZRS) for Azure Disks in Canada Central 

The general availability of Zone Redundant Storage for Azure Disk Storage in the Canada Central region provides a robust solution for data resilience and availability. By offering synchronous replication across three availability zones, ZRS enables Azure Disks to withstand zonal failures, ensuring uninterrupted application performance. This feature is particularly valuable for applications requiring high availability without the complexity of application-level data replication.

Azure NetApp Files Standard Network Features

Azure NetApp Files now supports the general availability of Standard network features, allowing for the editing of network features for Azure NetApp Files volumes. This update brings an enhanced Virtual Networking experience, ensuring seamless integration and improved security posture. Users can now edit existing Azure NetApp Files volumes and upgrade from Basic to Standard network features. This enhancement includes increased IP limits for VNets with Azure NetApp Files volumes, aligning them with VM capabilities to facilitate customer integration into existing network topologies. Moreover, it introduces enhanced network security with support for Network Security Groups (NSGs) on Azure NetApp Files delegated subnets, a feature long requested by customers for meeting enterprise security requirements. Enhanced network control is also achieved through support for User-defined routes (UDRs), allowing traffic direction via chosen Network Virtual Appliances. Additionally, connectivity has been improved with Active/Active VPN gateway setup and ExpressRoute FastPath connectivity, ensuring low latency and high bandwidth connectivity from on-premises networks to Azure.

Introducing Azure Storage Actions: Serverless Storage Data Management (Preview)

Microsoft has recently announced the public preview of Azure Storage Actions, a fully managed platform specifically crafted to streamline data management tasks for Azure Blob Storage and Azure Data Lake Storage. With the exponential growth of data, organizations find themselves grappling with the complexities of efficiently managing their data assets. Azure Storage Actions seeks to alleviate these challenges by offering a serverless infrastructure that dynamically scales to meet data management demands, eliminating the need for resource provisioning or management.

This innovative platform provides a no-code experience, enabling users to easily define conditional logic for processing data objects. It supports an array of tasks aimed at enhancing data utility and security, such as cost optimization, data protection, rehydration from archives, and tagging, among others. Additional functionalities are expected to be added in future updates, further expanding its capabilities.

Azure Storage Actions facilitates the rapid composition, validation, and deployment of data management tasks. It features an intuitive Azure portal interface that simplifies the process of defining operations and validating them, ensuring a seamless user experience. Moreover, the platform offers robust support for programmatic management through various tools including REST APIs, the Azure SDK, PowerShell, the Azure Command-Line Interface (CLI), and Azure Resource Manager (ARM) templates. This versatility makes Azure Storage Actions a comprehensive solution for managing large-scale data assets across Azure Blob Storage and Azure Data Lake Storage, promising to significantly enhance data management efficiency and effectiveness for organizations worldwide.

Azure Stack

Azure Stack HCI

Supported Azure Stack HCI Scenarios with System Center

The integration of Azure Stack HCI, version 23H2, with System Center Virtual Machine Manager (SCVMM) marks a significant step forward in hybrid cloud management. Azure Stack HCI 23H2 elevates cloud-based management capabilities through Azure Arc, catering to the needs of large-scale datacenter customers who rely on System Center VMM for their virtualization environment management. The recent announcement from the System Center team outlines the supported scenarios in SCVMM for managing Azure Stack HCI 23H2, providing clarity and direction for system administrators and IT professionals.

SCVMM Support for Azure Stack HCI 23H2

The supported scenarios in SCVMM for Azure Stack HCI 23H2 include:

  • Addition and Management of Azure Stack HCI Clusters: SCVMM facilitates the addition of Azure Stack HCI clusters into your management framework, allowing for comprehensive oversight.
  • Virtual Machine Operations: Provisioning, deploying, and performing lifecycle operations on VMs within Azure Stack HCI clusters are fully supported, streamlining virtual machine management.
  • Storage and Volume Management: SCVMM enables the management of storage pool settings, creation of virtual disks, cluster shared volumes (CSVs), and application of Quality of Service (QoS) settings to optimize storage performance.
  • Workload Migration: The migration of VMware and Windows Server-based workloads to Azure Stack HCI is supported, offering flexibility in transitioning to Azure Stack HCI environments.
  • Cluster Management via PowerShell: Azure Stack HCI clusters can be managed using the same PowerShell cmdlets as Windows Server clusters, ensuring a consistent management experience.
  • Azure Integration: Azure-based VM self-serve capabilities and management services are extended through Azure Arc-enabled SCVMM, enhancing cloud connectivity and management.

Limitations and Azure/WAC Exclusive Scenarios

While SCVMM supports a broad range of management functions, certain scenarios remain exclusive to Azure Portal/Windows Admin Center (WAC) for Azure Stack HCI 23H2:

  • Cluster Creation and Registration: The creation and registration processes for Azure Stack HCI clusters are integrated into deployment and exclusively managed through Azure Portal/WAC.
  • Upgrades and Azure Benefits: Upgrading from Azure Stack HCI 22H2 to 23H2 and enabling Azure benefits on VMs are managed only via Azure Portal/WAC.
  • Advanced Features: New features of Azure Stack HCI 23H2, such as GPU-Partitioning and SDN Multi-site, along with previously unsupported features like Stretched clustering with 22H2, are managed outside of SCVMM.

Future Support and Availability

Support for Azure Stack HCI 23H2 in SCVMM is scheduled to be included in the next Long-Term Servicing Channel (LTSC) version of System Center. The general availability of this version is anticipated to align closely with the release of Windows Server 2025, offering forward-looking compatibility and support for Azure Stack HCI environments.

This integration underscores Microsoft’s commitment to hybrid cloud environments, providing the tools necessary for seamless management of virtualized infrastructure both on-premises and in the cloud. As the landscape of Azure Stack HCI evolves, the synergy between Azure Stack HCI and System Center continues to strengthen, offering a robust, scalable, and efficient management solution for modern datacenters.

Conclusion

Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.

Beyond traditional SAN: Azure Elastic SAN and the new era of cloud storage

Microsoft has recently unveiled Azure Elastic SAN, a groundbreaking offering in the cloud computing sector, marking the debut of the first fully managed, cloud-native Storage Area Network (SAN) solution. This initiative aims to radically transform how SANs are deployed, managed, and configured within the cloud ecosystem, promising to revolutionize current practices. Indeed, Azure Elastic SAN stands as a turning point for organizations looking to simplify and optimize the transition of their SAN infrastructures to the cloud, ensuring an unprecedented level of operational efficiency. This article seeks to explore Azure Elastic SAN in detail, highlighting its main innovations, such as the adoption of a resource hierarchy inspired by traditional SANs and the ability to dynamically allocate resources to support a wide range of workloads, from databases and virtual desktop infrastructures to critical business applications. Specific use cases will also be analyzed, illustrating the flexibility and added value Azure Elastic SAN can provide, including advanced data security management and integration with other Azure solutions.

Features of Azure Elastic SAN

Azure Elastic SAN positions itself as a cutting-edge solution, designed to effectively meet the scalability, management, and security needs of modern storage infrastructures. Here are the key features of the solution:

  • Simplified Management: Azure Elastic SAN eliminates the complexity typically associated with configuring and managing a traditional SAN. It offers a fully managed environment, allowing administrators to focus on applications rather than the underlying infrastructure.
  • Dynamic Scalability: A key feature of Azure Elastic SAN is its ability to dynamically scale resources to meet the changing needs of workloads. This includes the ability to increase IOPS (Input/Output Operations Per Second) and bandwidth without interruptions or downtime.
  • High Performance: The solution can support up to 80,000 IOPS per single volume and speeds up to 1,280 MBps. Azure Elastic SAN is designed for high-throughput and IOPS-intensive workloads, ensuring exceptional performance.
  • Security and Compliance: It implements advanced security measures, including server-side encryption with customer-managed keys and support for private endpoints, to ensure data is protected in accordance with company policies and industry regulations.
  • Integration with Azure Monitor and Azure Policy: Azure Elastic SAN integrates closely with other Azure services, such as Azure Monitor for monitoring performance and capacity metrics, and Azure Policy to prevent misconfigurations and potential incidents.

Azure Elastic SAN Resources

Azure Elastic SAN integrates two fundamental components into its architecture: Volume Groups and Volumes, essential for organizing and managing storage. These components work together to replicate the functionality and flexibility of a traditional on-premise SAN, while simultaneously simplifying provisioning and billing management directly from the cloud.

Architecture and Resource Mapping

The structure of Azure Elastic SAN serves as a virtual equivalent of a traditional SAN application, with a direct mapping of its resources to those of a physical SAN:

  • Elastic SAN: Acts as the heart of the infrastructure, similar to an on-premise SAN device, managing billing and provisioning operations.
  • Volume Groups: Function as network nodes, facilitating access and storage management.
  • Volumes: Correspond to the actual storage space, similarly to the physical volumes of an on-premise SAN.

Figure 1 – Relationship and Mapping of Resources of an Azure Elastic SAN to the Resources of an On-Premise SAN

Configuring Elastic SAN

Configuring an Elastic SAN involves determining the infrastructure’s redundancy and provisioning the storage. The configured storage’s capacity and performance define the SAN’s overall capabilities, directly affecting the capacity and performance available for each volume.

Volume Groups and Volumes

Volume Groups are management tools designed for the effective and centralized administration of multiple volumes. Settings and configurations applied to a group, such as virtual network rules, are automatically extended to all associated volumes, facilitating management and scalability.

Use Cases

Azure Elastic SAN stands out not only for its advanced technical features but also for its applicative versatility, making it suitable for a wide range of operational scenarios. Below, we will explore some of the most significant use cases where Azure Elastic SAN demonstrates its added value, highlighting how this solution can be the key to addressing complex challenges and optimizing operations in the cloud:

  • Optimizing SQL databases: Elastic SAN is ideal for databases like SQL Server, where high throughput and IOPS requirements are prevalent. It allows for avoiding oversizing Azure VMs, thus optimizing performance and reducing costs.
  • Facilitated migration from on-premises SAN to the cloud: Azure Elastic SAN eases the migration of on-premises SAN environments to the cloud, thanks to its IOPS and throughput capabilities, dynamically sharing performance across workloads.
  • Storage consolidation: Enables dynamic sharing of performance across volumes, facilitating the achievement of high performance efficiently and helping to prevent the oversizing necessary to manage traffic peaks.
  • Integration with Azure VMware Solution: Integration with Azure VMware Solution allows for expanding the storage capacity of the solution without needing to increase vSAN storage nodes. This is made possible by presenting an Elastic SAN volume as an external datastore.
  • Support for Azure Container Storage: Elastic SAN supports Azure Container Storage, leveraging the efficiency of the iSCSI protocol. This integration enables significant storage cost reductions through dynamic resource sharing.

For more details on the solution, Microsoft’s official documentation can be consulted, while pricing information can be found on the dedicated page.

Conclusions

Azure Elastic SAN represents a milestone in the landscape of cloud storage solutions, offering companies the opportunity to migrate their on-premises SAN environments to the cloud with unprecedented ease. Its introduction not only simplifies the management and scalability of SANs in the cloud but also opens up new opportunities for performance optimization and cost efficiency. With Azure Elastic SAN, organizations can now make the most of their high-throughput and IOPS-intensive workloads, consolidate storage, and achieve cost efficiency on a large scale, marking the beginning of a new era for cloud storage.

Azure IaaS and Azure Stack: announcements and updates (February 2024 – Weeks: 05 and 06)

This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks.

Azure

General

Azure VMware Solution Now Available in Italy North Region

Azure VMware Solution has been made available in the Italy North Azure Region. This expansion allows customers in Italy to integrate their VMware workloads with Azure services seamlessly, leveraging the global scale, security, and performance of Azure while maintaining the VMware tools and expertise they are accustomed to. This launch supports the growing demand for cloud solutions in the region, enabling local businesses to innovate and scale with the cloud’s flexibility and efficiency.

Italy North Region Added to Azure HDInsight

Azure HDInsight is now generally available in the Italy North region. This expansion enhances Azure’s managed, full-spectrum, open-source analytics service capabilities, allowing enterprises to leverage popular frameworks such as Hadoop, Apache Spark, Apache Hive, LLAP, Apache Kafka, and more within Italy North. The availability of HDInsight in this region enables local and global enterprises to process big data, run real-time analytics, and use machine learning more efficiently with reduced latency.

Networking

Azure Virtual Network Manager Security Admin Rule Configuration Feature 

The Azure Virtual Network Manager’s security admin rule configuration feature has reached general availability (GA) across 30 regions. This feature empowers organizations to enforce security policies across their virtual networks (VNets) efficiently, spanning subscriptions and regions worldwide. By prioritizing these rules above network security groups (NSGs), it ensures a standardized approach to security, helping to mitigate misconfigurations and adherence to corporate policies. The introduction of security admin rules streamlines network management, reducing the complexity of operations while enhancing security measures for expanding network infrastructures.

Azure Virtual Network Manager Topology View 

Azure Virtual Network Manager (AVNM) topology view has been officially launched and is now generally available. This innovative feature offers a scalable and reliable solution for managing networks across global subscriptions. It integrates with Azure Resource Topology (ART) to provide a comprehensive visualization of network resources, contextualized by AVNM connectivity configurations. The topology view facilitates a deeper understanding of network connections, offering insights into the connectivity among network groups and VNets, thus enhancing confidence in network deployment strategies.

ExpressRoute Guided Portal Experience (preview)

Microsoft announces the public preview of the ExpressRoute guided portal experience, aimed at simplifying the configuration of multi-site resilient ExpressRoute circuits. This new portal experience offers critical information, such as the distance between peering locations and traffic engineering recommendations, to assist customers in making informed decisions. During the preview, users can access this feature globally in the Azure public cloud via the Azure portal flight link. This initiative underscores Microsoft’s commitment to providing intuitive tools for enhancing network resiliency and connectivity.

Storage

Mount Azure Storage as a Local Share in App Service Linux Now Supports NFS

Azure App Service Linux now supports NFS when mounting an Azure File share as a local share for web apps. This update enables more flexible and efficient storage solutions for web applications hosted on Azure, streamlining the integration and management of file storage.

Azure Ultra Disk Storage Now Available in Canada East

Azure Ultra Disk Storage, offering high throughput, high IOPS, and consistent low-latency disk storage, is now available in Canada East. Ideal for data-intensive workloads such as SAP HANA, top-tier databases, and transaction-heavy workloads, Ultra Disk Storage enhances Azure Virtual Machines’ performance and capabilities in the region.

Azure NetApp Files Standard Network Features – Edit Volumes in US Gov Regions

Azure has launched a public preview for editing network features of Azure NetApp Files volumes in US Gov regions, leveraging advanced hardware and software integration. This update introduces Standard Network Features, enhancing the virtual networking experience with improved security for Azure NetApp Files. Users can now upgrade Basic network features to Standard, benefiting from increased IP limits, enhanced network security and control, and improved connectivity options. This preview is available across all US Gov regions (VA, TX, & AZ).

General Availability: Support for up to 100 TB of Storage for the FHIR Service

Azure announces general availability for expanded storage support in the FHIR service, part of Azure Health Data Services, up to 100 TB. This enhancement allows for the storage and exchange of vast amounts of health data, facilitating large-scale analytics, population health management, research, and insights from health data. Organizations requiring storage beyond the default 4 TB can request an increase through the Azure portal.

Azure Stack

Azure Stack HCI

Azure Stack HCI 23H2 General Availability

Microsoft has announced the general availability of Azure Stack HCI version 23H2, marking a significant update in cloud-managed edge infrastructure. This version is ready for production . It introduces several previews, including Azure Migrate and Microsoft Defender for Cloud, specifically designed for Azure Stack HCI environments. However, it’s noteworthy that certain features like stretched clustering and System Center VMM support are temporarily unavailable in some regions. The launch of Azure Stack HCI 23H2 represents a leap forward in Microsoft’s edge infrastructure offerings, providing enterprises with robust, scalable solutions for their hybrid cloud environments.

Key Highlights:

  • Production-Ready: Azure Stack HCI 23H2 is now ready for production environments, offering robust and reliable infrastructure solutions.
  • Seamless Update Process: An update from the previous version 22H2 to 23H2 will soon be available, specifically targeting 23H2 clusters to ensure smooth transitions.
  • Enhanced Solutions Availability: The GA version includes premier and integrated solutions, enriching the ecosystem for Azure Stack HCI users.
  • Azure Virtual Desktop (AVD) for Azure Stack HCI: AVD is now generally available, bringing together the advantages of Azure Virtual Desktop and Azure Stack HCI. This combination allows organizations to run virtualized desktops and apps securely, either on-premises at the edge or within data centers.
  • Azure Migrate Integration (Preview): Azure Stack HCI now supports Azure Migrate in preview, facilitating easier migration of workloads to Azure Stack HCI environments.
  • Microsoft Defender for Cloud Integration (Preview): Enhance your security posture with Microsoft Defender for Cloud for Azure Stack HCI, currently in preview.
  • Guidance on Using Version 22H2: It’s recommended to continue using version 22H2 temporarily if:
    1. The service is not available in your region (currently limited to East US and West Europe).
    2. You require stretched clustering support, which is not available in 23H2.
    3. Your setup relies on System Center VMM, not supported by 23H2.

Additional Information:

  • Currently, 3-node switchless deployments are not supported.
  • The GA version includes proxy support for HCI infrastructure, but not yet for VMs.
  • Updates to 23H2 can be performed through the portal on existing preview clusters or by new deployment.
  • With Windows Defender Application Control (WDAC) enabled by default in Azure Stack HCI 23H2, steps may be needed to allow certain applications to run.

Conclusion

Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.

Azure IaaS and Azure Stack: announcements and updates (January 2024 – Weeks: 03 and 04)

This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks.

Azure

General

Azure Cloud Services (Classic) Retirement

Microsoft has announced the retirement of its Azure Cloud Services (Classic) deployment model, effective August 31, 2024. This decision marks a significant shift towards more advanced and modern cloud solutions. Users of Azure Cloud Services (Classic) are encouraged to migrate their services to Cloud Services (Extended Support) in Azure Resource Manager, which offers new capabilities and improved efficiency. This transition is vital for maintaining service continuity and accessing enhanced features.

Compute

Automatic Image Creation

Azure has announced the general availability of its Automatic Image Creation service. This feature simplifies the process of creating and managing virtual machine images, allowing for automation and streamlining of deployments. The general availability of this service underscores Azure’s commitment to providing efficient and user-friendly solutions in cloud computing.

Upgrade of Azure Gen1 VMs to Gen2-Trusted Launch (private preview)

Microsoft has announced a private preview that allows users to upgrade their existing Azure Generation 1 (Gen1) virtual machines (VMs) to Generation 2 (Gen2) with Trusted Launch support. This upgrade enhances the foundational security of existing Azure VMs by enabling features like Secure Boot and vTPM capabilities, integral to the Trusted Launch service. Trusted Launch provides a robust security framework for Azure VMs, ensuring boot integrity and protection against advanced threats. The service works by ensuring that only signed operating systems and drivers can boot, establishing a root of trust for the VM software stack. It supports a wide range of compute-optimized, memory-optimized, and storage-optimized VM sizes, as well as multiple operating systems including various versions of Linux and Windows. Notably, this upgrade doesn’t increase existing VM pricing, making it an attractive option for users seeking enhanced security without additional costs.

Networking

Azure Virtual Network Encryption

Microsoft has released the general availability of Azure Virtual Network Encryption, providing an additional layer of security for data in transit. This new feature ensures that data moving within a virtual network is encrypted, enhancing protection against potential threats and unauthorized access. The availability of this feature signifies Microsoft’s ongoing commitment to offering robust security solutions in its cloud services.

Load Balancer in Azure API Management (preview)

Microsoft has introduced a public preview of the Load Balancer in Azure API Management. This feature aims to optimize the distribution of user requests across various servers, ensuring efficient resource utilization and improved response times. The introduction of this load balancer in the preview phase allows users to test and provide feedback, helping Microsoft enhance the feature before its full-scale release.

Conclusion

Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.

Azure IaaS and Azure Stack: announcements and updates (January 2024 – Weeks: 01 and 02)

This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks.

Azure

Storage

Customer-Managed Keys for Azure NetApp Files volume encryption

Azure NetApp Files now supports customer-managed keys for volume encryption, enhancing data security and control. This feature allows users to manage their encryption keys, providing an additional layer of security for sensitive data stored in the cloud. The integration of customer-managed keys with Azure NetApp Files ensures that data encryption aligns with organizational policies and regulatory requirements, offering a secure and compliant storage solution.

Premium SSD v2 and Ultra Disks support with Trusted Launch

Azure introduces the general availability of Premium SSD v2 and Ultra disks support for Trusted Launch virtual machines. This integration enhances security and performance for Azure virtual machines. Trusted Launch provides foundational security with features like Secure Boot and vTPM, protecting against advanced threats. The Ultra disks offer high-performance storage ideal for data-intensive workloads, while Premium SSD v2 disks provide a cost-effective solution for a broad range of enterprise applications.

Zone Redundant Storage for Azure Disks in more regions

Azure has expanded the availability of Zone Redundant Storage (ZRS) for Azure Disk Storage. Now available in West US3 and Germany West Central regions, ZRS enables synchronous data replication across three availability zones. This feature enhances data resilience and application uptime by mitigating the impact of zonal failures. ZRS is compatible with Azure Premium SSDs and Standard SSDs, ensuring high availability for critical workloads.

Azure Ultra Disk Storage Now Available in UK West and Poland Central

Azure has expanded its Ultra Disk Storage to the UK West and Poland Central regions, offering high throughput, high IOPS, and consistent low-latency disk storage. Azure Ultra Disk Storage is ideal for handling data-intensive workloads like SAP HANA, top-tier databases, and transaction-heavy processes. This expansion provides users in these regions with access to Azure’s most advanced storage solutions, optimizing performance for critical applications.

Conclusion

Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.

Azure IaaS and Azure Stack: announcements and updates (December 2023 – Weeks: 51 and 52)

This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks. This release marks the final update for the year 2023, and I take this opportunity to wish everyone the best for the upcoming year 2024!

Azure

General

Microsoft Cloud for Sovereignty

Microsoft has announced the general availability of Microsoft Cloud for Sovereignty, a significant advancement in cloud technology for government agencies. This new offering is designed to meet the unique compliance, security, and policy requirements of governments while leveraging cloud capabilities to deliver enhanced value to citizens.

Key Highlights:

  • Compliance and Security: Microsoft Cloud for Sovereignty is built on over 60 cloud regions, providing industry-leading cybersecurity and the broadest compliance coverage. It enables governments to implement policies that align with national or regional data residency requirements.
  • Sovereign Controls: The platform offers sovereign controls to protect and encrypt sensitive data. This includes sovereign landing zones and Azure Confidential Computing, which secures data in memory in hardware-based trusted execution environments.
  • Policy Initiatives: Governments can adopt sovereignty-focused Azure policy initiatives to address the complexity of compliance with national and regional regulatory requirements. This includes the Azure Cloud Security Benchmark and Sovereignty Policy Baseline, among others.

New Capabilities:

  • Drift Analysis Tool: Identifies non-compliant settings and helps maintain policy compliance.
  • Transparency Logs: Provides visibility into instances where Microsoft engineers access customer resources.
  • Configuration Tools in Azure Portal: Simplifies the creation of sovereign landing zones.

This development marks a significant step in enabling governments to harness the power of cloud technology while maintaining strict control over data sovereignty and regulatory compliance.

Compute

Red Hat Enterprise Linux 8.9 on Azure Virtual Machines

Azure now supports Red Hat Enterprise Linux (RHEL) 8.9 on its Virtual Machines, marking the latest minor release of RHEL 8. This version offers enhanced stability, security, and performance for production environments. Key features include streamlined deployment and migration options, new metrics in the performance co-pilot, and new Application Streams for Node.js 20, Java-21, and compiler toolkits. RHEL 8.9’s release emphasizes Azure’s commitment to providing a versatile and efficient operating environment for varied infrastructures.

Networking

Security Update for Azure Front Door WAF CVE-2023-50164

Azure has deployed a new managed rule for its global Web Application Firewall (WAF) customers to address the security vulnerability CVE-2023-50164. This update is crucial for applications potentially impacted by this vulnerability. The fix has been implemented in the ruleset versions 2.1, 2.0, and earlier. The rule, identified as ID 99001017 in the MS-ThreatIntel-CVEs Rule Group, is initially set to ‘Disabled’ with an ‘Anomaly Score’ action, and users are advised to enable it if their application is vulnerable. This update underscores Azure’s commitment to providing robust security for web applications.

Security Update for Application Gateway WAF CVE-2023-50164

Azure has announced the general availability of a security update for the Application Gateway WAF to address the CVE-2023-50164 vulnerability. This update is vital for regional WAF customers to safeguard their applications. The update includes changes to the Default Ruleset (DRS) and Core Ruleset (CRS), with the rule ID 99001017 now set to ‘Enabled’ and ‘Log’ action. It’s important to note that the ‘Anomaly Score’ action is not supported for this rule, and users with older WAFs running CRS 3.1 should upgrade to enable ‘Block’ mode.

Conclusion

Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.

Azure IaaS and Azure Stack: announcements and updates (December 2023 – Weeks: 49 and 50)

This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks.

Azure

General

Azure Support Plan offer extended

Microsoft Azure has announced an extension of its Azure Support offer. Starting from January 1, 2024, all new and renewing Azure customers who purchase an Enterprise Agreement (EA or EES) or are part of the field-led Microsoft Customer Agreement (MCA) will receive free Azure Standard support. This promotion, designed to assist customers in their cloud journey, will be available until June 30, 2024, at no additional charge. The offer aims to provide an extra level of access to expert technical support, enhancing the Azure experience for enterprise customers. Existing customers will automatically benefit from this offer, with no additional action required. The terms of the promotion can be viewed on the Azure website, with updates to be visible from January 1, 2024.

Compute

Intel TDX based confidential VMs now available in Azure (preview)

Microsoft Azure has introduced the public preview of DCesv5 and ECesv5-series confidential virtual machines (VMs), marking a significant advancement in cloud computing security. These VMs, powered by 4th Gen Intel® Xeon® Scalable processors with Intel® Trust Domain Extensions (Intel® TDX), are now accessible through the Azure portal, Azure CLI, and ARM templates. This development enables organizations to bring confidential workloads to the cloud without necessitating code changes to applications. Initially available in select regions including Europe West, Central US, and East US 2, these VMs represent a leap forward in Azure’s confidential computing capabilities. The introduction of these VMs underscores Azure’s commitment to providing secure and innovative cloud solutions.

Networking

Delaying domain Front Block on Azure Front Door and CDN Services

Microsoft Azure has announced the postponement of the enforcement of blocking domain fronting on Azure Front Door and Azure CDN Standard from Microsoft (classic) to January 22, 2024. This decision, influenced by customer feedback, aims to provide additional time for users to adapt to the upcoming changes. Azure plans to introduce two log fields, “SNI” and “Result,” by December 25, 2023, to assist customers in identifying domain fronting behavior in their resources. The enforcement of this block is intended to enhance security by preventing traffic that attempts to bypass domain fronting checks. It’s important to note that this change will not affect regular users accessing the service through compliant browsers, APIs, SDKs, etc., and is focused on enhancing the security of Azure’s network services.

Storage

Azure File Sync agent v17 release: enhanced performance and expanded features

Microsoft has announced the release of Azure File Sync agent v17, now in flighting and accessible on the Microsoft Update Catalog. This latest update introduces significant improvements and fixes, enhancing the overall performance and functionality of Azure File Sync. Key enhancements include:

  • Sync Upload performance improvements: users will experience notable improvements in sync upload performance, especially beneficial during file share migrations and high churn events where a large number of files need uploading. 

  • Expanded character support for file and directory names: the update extends the list of supported characters for file and directory names in SMB File shares, aligning with the NTFS file system’s capabilities for valid Unicode characters. This expansion allows for greater flexibility in naming conventions.

  • New Cloud Tiering low disk space mode metric: a new feature enables users to configure alerts for servers in low disk space mode, enhancing monitoring capabilities. 

  • Resolved agent update issue: the update addresses and resolves a previous issue where the agent update process would hang, improving reliability.

  • Miscellaneous reliability and telemetry improvements: the release also includes various enhancements for cloud tiering and sync, focusing on reliability and telemetry.

Additional Release Information:

  • The v17 release is compatible with Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, and Windows Server 2022.
  • Windows Server 2012 R2 users must have .NET Framework version 4.6.2 or higher.
  • The agent version for this release is 17.0.0.0.

For installation instructions and further details, users can refer to KB5023053 in the Microsoft knowledge base. This release marks a significant step forward in the Azure File Sync service, offering enhanced performance and expanded capabilities to users.

Conclusion

Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.

Azure IaaS and Azure Stack: announcements and updates (December 2023 – Weeks: 47 and 48)

This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks.

Azure

Storage

Encryption at Host for Premium SSD v2 and Ultra Disks

Azure has announced the general availability of encryption at host for Premium SSD v2 and Ultra Disks. This feature, already available for other Azure Disk types, ensures that data on the Virtual Machine (VM) host is encrypted at rest and remains encrypted during transit to the Storage service. The encryption at host for Premium SSD v2 and Ultra Disks enhances data security and privacy, providing an additional layer of protection for sensitive information stored on Azure. This update is a significant step forward in Azure’s commitment to offering secure and reliable cloud storage solutions.

Azure NetApp Files support for 2 TiB Capacity Pools

Azure NetApp Files now supports the creation of capacity pools with a minimum size of 2TiB, a feature that has reached general availability. This enhancement is particularly useful for workloads such as SAP shared files and VDI, which require lower capacity pool sizes for their capacity and performance needs. Customers can now start with a 2TiB pool and increase in 1TiB increments, providing a more cost-effective solution for managing capacities less than 3TiB. This update is supported in all regions with standard network features, offering customers the flexibility to re-evaluate volume planning and take advantage of the savings associated with smaller capacity pools.

User and Group quota management in Azure NetApp Files

Azure NetApp Files has reached general availability with its user and group quota management feature. This functionality allows administrators to control storage consumption by setting capacity limits for individual users or groups within a specific Azure NetApp Files volume. It supports NFS, SMB, and dual protocol-enabled volumes, offering both default and individual user quotas. For NFS-enabled volumes, default or individual group quotas can be defined. This feature is now available in Azure commercial regions and US Government regions, providing a robust solution for managing capacity consumption and ensuring efficient storage utilization.

Azure NetApp Files: standard network features support in US Government Regions

Azure NetApp Files now offers general availability of standard network features in US Government regions, including Virginia, Texas, and Arizona. This enhancement delivers an improved Virtual Networking experience for non-Azure host-based workloads like Azure NetApp Files. Key features include increased route scale for VNets with ANF volumes, enhanced network security with support for Network Security Groups (NSGs) on ANF delegated subnets, and improved network control through User Defined Routes (UDRs). Additionally, it facilitates on-premises connectivity, ExpressRoute FastPath connectivity, cross-region mount volumes, and support for Private Link and service endpoints. This update significantly enhances the networking capabilities and security for Azure NetApp Files in US Government regions.

Conclusion

Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS). These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.

Azure IaaS and Azure Stack: announcements and updates (November 2023 – Weeks: 45 and 46)

This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks. This week marks a significant milestone with the occurrence of the Microsoft Ignite event, bringing with it a substantial number of important updates and innovations announced by Microsoft. To delve deeper into the specific developments unveiled during this conference in these areas, I invite you to read the dedicated article: Unveiling the future: key insights from Microsoft Ignite on Azure IaaS and Azure Stack.

Azure

General

Azure to End Support for TLS 1.0 and 1.1 by 31 October 2024

Microsoft Azure has announced that it will end support for Transport Layer Security (TLS) versions 1.0 and 1.1 by 31 October 2024. This decision is part of Azure’s ongoing efforts to enhance security and provide best-in-class encryption for customer data. From this date, interactions with Azure services will require TLS 1.2 or later. While the Microsoft implementation of older TLS versions is not known to be vulnerable, TLS 1.2 and subsequent versions offer improved security features, such as perfect forward secrecy and stronger cipher suites. Customers are advised to confirm that their resources interacting with Azure services are using TLS 1.2 or later to avoid potential service disruptions. If resources are already exclusively using TLS 1.2 or later, no further action is required. However, if there is still a dependency on TLS 1.0 or 1.1, it is recommended to transition to TLS 1.2 or later by the specified deadline. Microsoft provides additional resources and support to assist with this transition.

Compute

Ubuntu Server to Ubuntu Pro in-place upgrade now available

Microsoft Azure has announced the general availability of an in-place upgrade from Ubuntu Server to Ubuntu Pro. This upgrade can be added as a subscription to your Azure Virtual Machines (VMs), enabling the transition without the need to redeploy or take VMs offline. Ubuntu Pro offers an extended support period of 10 years for over 2,300 Main and 23,000+ Universe packages, with the 18.04 version recently entering extended support. This upgrade enhances VMs with additional security and compliance features, making it a robust choice for enterprise environments. For detailed instructions on the upgrade process, Azure users can refer to the official documentation, and pricing information for Ubuntu Pro is available on the Azure pricing page.

Introducing NGads V620 Series VMs Optimized for Gaming Scenarios

Microsoft Azure has announced the general availability of the NGads V620 series VMs, a new addition optimized for gaming scenarios. These GPU-enabled virtual machines are powered by AMD Radeon™ PRO V620 GPUs and AMD EPYC 7763 (Milan) CPUs, designed to deliver a high-quality, interactive gaming experience hosted in Azure. The NGads V620 VMs feature GPU Partitioning, allowing VMs to access ¼, ½, or a whole GPU, enabling customers to tailor their performance and cost according to their business needs. Additionally, these VMs come standard with NVMe drives, offering up to 1025 GB of temp storage for rapid local data access. A key component of the NGads V620 series is the AMD Software: Cloud Edition. This software targets optimizations available in the consumer gaming version of the AMD Adrenaline driver, further tested and optimized for cloud environments. It is frequently updated to support the latest game releases. The software also supports accelerated virtual desktop environments, with Radeon PRO optimizations for high-end workstation applications in design or rendering.

Networking

Application Gateway: using a common port for Public and Private listeners

Microsoft Azure has announced the general availability of the feature that allows configuring the same port number for public and private listeners on your Application Gateway. This update simplifies the use of Application Gateway deployments to serve both internet-facing and internal clients without the need for non-standard ports or backend application customizations. The feature is available in all public regions, including Azure China and Azure Government cloud regions. Note that additional configuration may be necessary for inbound rules when using Network Security Groups.

Rate-Limit Rules for Application Gateway Web Application Firewall

Azure has introduced rate-limit custom rules for its regional Web Application Firewall (WAF) on Application Gateway, now generally available. This feature allows the detection and blocking of unusually high levels of traffic aimed at your application. Rate-limiting is instrumental in mitigating various types of denial-of-service attacks, managing misconfigured clients sending excessive requests, or controlling traffic from specific geographical locations. This enhancement bolsters the security and management of your web applications.

Application Gateway Supports IPv6 Frontend (preview)

Azure’s Application Gateway v2 is now in public preview for supporting dual-stack (IPv4 and IPv6) connections at the frontend. This upgrade enables the Application Gateway to manage traffic from both IPv4 and IPv6 clients, enhancing flexibility and connectivity options. This feature is particularly beneficial for addressing IPv4 address exhaustion and meeting various regulatory requirements. Users can now set up a new Application Gateway with both IPv4 and IPv6 addresses, reflecting Azure’s commitment to delivering top-notch service and customer experience.

Storage

Azure NetApp Files Datastores for Azure VMware Solution in US Government Regions

Azure NetApp Files datastores have achieved general availability in US Government Cloud regions to support storage-intensive workloads on Azure VMware Solution (AVS). This advancement allows users to create datastores through the Azure VMware Solution resource provider with Azure NetApp Files NFS volumes, which can be attached to any selected private cloud clusters. With the ability to scale storage independently of compute and surpass the local instance storage limits provided by vSAN, this feature aims to reduce the total cost of ownership. This service is now available in the US Gov Virginia and US Gov Arizona regions.

Azure Elastic SAN Updates – Snapshots, Security, and Usability (preview)

Azure Elastic SAN, currently in preview, has received new updates to enhance its performance and security. The updates include live volume resizing, force delete capabilities, and Server-Side Encryption with Customer Managed Keys (SSE with CMK) for improved security. As a VMware Certified datastore, Elastic SAN offers scalable storage and performance, which optimizes total cost of ownership and scalability. These improvements are part of Azure’s ongoing efforts to provide seamless integration with other native Azure products and a robust, secure storage solution.

Azure Stack

Azure Stack HCI

AKS on Azure Stack HCI and Windows Server 2023-10-30

The AKS HCI management cluster has been updated to Kubernetes version 1.26.6, laying the groundwork for future Kubernetes versions for workload clusters. This release includes security updates to address vulnerabilities, enhancements to Azure Arc onboarding prechecks for better network resilience, and several bug fixes. Users are encouraged to try AKS on Azure Stack HCI or Windows Server using the evaluation guide and to contribute feedback and follow the AKS hybrid roadmap through GitHub.

Conclusion

Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.