This series of blog posts includes the most important announcements and major updates regarding Azure infrastructure as a service (IaaS) and Azure Stack, officialized by Microsoft in the last two weeks.
New SAP HANA Certified Memory-Optimized Virtual Machines
Microsoft is expanding SAP HANA certifications, enabling you to run production SAP HANA workloads on the Edsv4 virtual machines sizes.
Intel SGX based confidential computing VMs now available on Azure Dedicated Hosts
Azure Dedicated Host provides a single-tenant physical server to host your Azure Virtual Machines for Windows and Linux. The server capacity is not shared with other customers. You can now deploy DCsv2 Azure Virtual Machines to Dedicated Hosts. The DCsv2-series can help protect the confidentiality and integrity of your data and code while it’s processed in the public cloud. The new DCsv2_Type1 Dedicated Host SKUs feature the latest generation of Intel XEON E-2288G Processor with SGX technology. This new offering will enable you to build secure enclave-based applications to protect your code and data while it’s in use. Example use cases include confidential multiparty data sharing, fraud detection, anti-money laundering, blockchain, confidential usage analytics, intelligence analysis, and confidential machine learning.
New constrained vCPUs capable VMs
The Esv4, Edsv4, and Easv4 memory optimized Azure VM series now offer new constrained vCPU VM sizes. You can now take advantage of the latest generation Azure Virtual Machines for workloads that need high memory, storage, and I/O bandwidth, but not a high vCPU count. Several database workloads are not CPU-intensive and can benefit from these offerings.
SQL Server Reporting Services Virtual Machine images
Now in general availability, you have the option of migrating SQL Server Reporting Services workloads into Azure using pre-configured virtual machine images. This enables you to easily see your different virtual machine workloads and manage them. It can also help make your workloads more efficient and enables an easier onboarding experience to the cloud.
Azure File Sync agent v11.1
Improvements and issues that are fixed:
- New cloud tiering modes to control initial download and proactive recall
- Initial download mode: you can now choose how you want your files to be initially downloaded onto your new server endpoint. Want all your files tiered or as many files as possible downloaded onto your server by last modified timestamp? You can do that! Can’t use cloud tiering? You can now opt to avoid tiered files on your system. To learn more, see Create a server endpoint section in the Deploy Azure File Sync documentation.
- Proactive recall mode: whenever a file is created or modified, you can proactively recall it to servers that you specify within the same sync group. This makes the file readily available for consumption in each server you specified. Have teams across the globe working on the same data? Enable proactive recalling so that when the team arrives the next morning, all the files updated by a team in a different time zone are downloaded and ready to go! To learn more, see Proactively recall new and changed files from an Azure file share section in the Deploy Azure File Sync documentation.
- Exclude applications from cloud tiering last access time tracking
- You can now exclude applications from last access time tracking. When an application accesses a file, the last access time for the file is updated in the cloud tiering database. Applications that scan the file system like anti-virus cause all files to have the same last access time which impacts when files are tiered. For more details, see the release notes.
- Miscellaneous performance and reliability improvements
- Improved change detection performance to detect files that have changed in the Azure file share.
- Improved sync upload performance.
- Initial upload is now performed from a VSS snapshot which reduces per-item errors and sync session failures.
- Sync reliability improvements for certain I/O patterns.
- Fixed a bug to prevent the sync database from going back-in-time on failover clusters when a failover occurs.
- Improved recall performance when accessing a tiered file.
To obtain and install this update, configure your Azure File Sync agent to automatically update when a new version becomes available or manually download the update from the Microsoft Update Catalog.
The agent version for this release is 18.104.22.168 and a restart may be required if files are in use during the agent installation. Installation instructions are documented in KB4539951.
New Azure Firewall capabilities
This new Azure Firewall capabilities will be generally available in Q4 CY2020:
- Custom DNS: Allows you to configure Azure Firewall to use your own DNS server.
- DNS Proxy capability: You can enable your Azure Firewall to act as a proxy for your DNS traffic. This is crucial for reliable FQDN filtering in network rules and provides DNS security through integration.
- FQDN filtering in network rules: You can use this based on DNS resolution from Custom DNS or Azure DNS. This capability is recommended for protocols that are not supported with FQDN filtering in application rules today.
You can learn more about DNS Settings in this document.