Azure IaaS and Azure Stack: announcements and updates (May 2023 – Weeks: 17 and 18)

This series of blog posts includes the most important announcements and major updates regarding Azure infrastructure as a service (IaaS) and Azure Stack, officialized by Microsoft in the last two weeks.

Azure

Compute

Microsoft Azure available from new cloud region in Poland

The newest cloud region in Poland is available with Azure Availability Zones and provides customers with the highest standards of security, privacy, and regulatory-compliant data storage in the country.

Ebsv5 and Ebdsv5 NVMe-enabled VM sizes

The Ebsv5 and Ebdsv5 VM series are the first Azure VM series to support NVMe storage protocol. NVMe support enables these series to achieve the highest Disk Storage IOPS and throughput of any Azure VMs to date. NVMe is a high-performance storage interface that is faster and more efficient compared to other traditional storage protocols like SCSI, which is the only other protocol that most Azure VMs use currently. With NVMe interface supported, customers can now use these VMs to achieve even higher VM-to-disk throughput and IOPS performance per core, with up to 8,000 MBps and 260,000 IOPS. This enables customers that process extremely data-intensive workloads to process more data on fewer core compute resources, potentially saving them money on infrastructure and commercial software licensing costs.

DCesv5 and ECesv5-series Confidential VMs with Intel TDX (preview)

There is an expansion of Confidential VM family with the launch of the DCesv5-series and ECesv5-series in preview. Featuring 4th Gen Intel® Xeon® Scalable processors, these VMs are backed by an all-new hardware-based Trusted Execution Environment called Intel® Trust Domain Extensions (TDX). Organizations can use these VMs to seamlessly bring confidential workloads to the cloud without any code changes to their applications.

Networking

Cloud Next-Generation Firewall (NGFW) Palo Alto Networks – an Azure Native ISV Service

Cloud NGFW Palo Alto Networks is the first ISV next-generation firewall service natively integrated in Azure. Developed through a collaboration between Microsoft and Palo Alto Networks, this service delivers the cutting-edge security features of Palo Alto Networks NGFW technology while also offering the simplicity and convenience of cloud-native scaling and management. NGFWs provide superior network security by offering enhanced capabilities compared to traditional firewalls. These include deep packet inspection, advanced visibility and control features, and the use of AI to improve threat detection and response.

Palo Alto Networks SaaS Cloud NGFW Integration with Virtual WAN (preview)

Palo Alto Networks Cloud NGFW is the first security software-as-a-service (SaaS) solution to be integrated in Azure Virtual WAN, allowing you to enjoy the simplicity of a SaaS security offering without the hassles of managing provisioning, scaling, resiliency, software updates, or routing.

Cloud NGFW SaaS integration with Virtual WAN provides you with the following benefits:

  • protect workloads with a highly available NGFW powered by machine learning to
  • detect and stop known, unknown and zero-day threats;
  • fully managed infrastructure and software lifecycle under SaaS model;
    consumption-based pay-as-you-go billing;
  • dedicated and streamlined support channel between Azure and Palo Alto Networks to provide a delightful customer support experience;
  • simple one-click routing to inspect on-premises, Azure VNets and Internet traffic;
  • deep and cohesive integration with Azure that provides a cloud-native experience.

Application Gateway V1 will be retired on 28 April 2026

Because Application Gateway V1 retires on 28 April 2026, please transition to Application Gateway V2 by that date.

Alongside the Application Gateway V1 features you already use, Application Gateway V2 provides:

  • additional features – Autoscaling, zone redundancy, URL rewrite, mutual authentication mTLS , Azure Kubernetes Service Ingress Controller, Keyvault integration;
  • increased performance – 5x Better TLS offload performance compared to V1;
  • enhanced security – Faster update of security rules, WAF custom rules and policy associations, bot protection-

From now through 28 April 2026, you can continue using Application Gateway V1 but begin transitioning to Application Gateway V2.

New customers (customers who doesn’t not have Application Gateway V1 SKU in their subscriptions in the month of June 2023) won’t be able to create V1 gateways from 1st July 2023.

Existing customers with subscriptions containing V1 gateways, will no longer be able to create V1 gateways after 28th August 2024. However, they can manage V1 gateways until the retirement date of 28 April 2026. After 28 April 2026, Application Gateway V1 will not be supported.

Storage

Cross-region service endpoints for Azure Storage

Cross-region service endpoints is now generally available for Azure Blob and Data Lake Storage in all Azure regions. Virtual Network (VNet) service endpoints provide secure and direct connectivity to Azure services over an optimized route over the Azure backbone network. Service endpoints in Azure Storage already allow the ability to connect to a storage account to VNets in the same or paired region. With this release, cross-region service endpoints can be configured to allow access to an Azure Blob or Data Lake storage account from VNets in any region. This is valuable for customer scenarios such as global storage resource and access management.

Azure Blob Storage adds a new online access: Cold Storage (preview)

Azure Blob Storage is optimized for storing massive amounts of unstructured data. With blob access tiers, you can store your blob data in the most cost-effective manner based on how frequently it will be accessed and how long it will be retained. Now Azure Blob Storage adds a new online access tier, cold, in addition to hot, cool and archive.

Cold tier pricing is positioned between cool and archive, with 90-day early deletion policy. See the prices in Azure Blob Storage pricing. You can seamlessly use the cold tier the way you use hot and cool, through REST API, SDK, tools, and lifecycle management policy. Cold public preview is now available in Canada Central, Canada East, France Central and Korea Central.

Please follow and like us: