This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Local, as officially released by Microsoft in the past two weeks.
Azure
Compute
AMD v6 confidential VMs (DCa/ECa v6) now available in additional regions
AMD-based confidential virtual machines in the DCa v6 and ECa v6 series are now generally available in 11 additional Azure regions: Canada Central, Canada East, Norway East, Norway West, Italy North, Germany North, France South, Australia East, West US, West US 3, and Germany West Central. This expansion builds on the initial availability announced at launch, which included Korea Central, South Africa North, Switzerland North, UAE North, UK South, and West Central US, giving customers more regional options for running confidential computing workloads backed by hardware-based memory encryption and isolation.
Azure AMD Turin Dasv7, Dalsv7, Easv7, and Fasv7-series Virtual Machines
The Azure AMD Turin-based Dasv7/Dalsv7 (general purpose), Easv7/Eadsv7 (memory optimized), and Fasv7/Falsv7/Famsv7 (compute optimized) virtual machines are now Generally Available (GA), offered both with and without local disk support. These VM families are available in Australia East, Central US, Germany West Central, Japan East, North Europe, South Central US, Southeast Asia, UK South, West Europe, West US 2, and West US 3, with the large 160 vCPU Easv7/Eadsv7 sizes available in North Europe, South Central US, West Europe, and West US 2, and additional regions planned for 2026. Compared to prior-generation v6 instances, Microsoft states these VMs provide up to 35% higher CPU performance and substantial gains for common workload types, including up to 25% for Java workloads, up to 65% for in-memory cache applications, up to 80% for crypto workloads, and up to 130% for web server workloads. The release also introduces new local-disk-enabled variants—Fadsv7, Faldsv7, and Famdsv7—to broaden configuration flexibility for performance-sensitive scenarios.
Intel-based 7th generation Dlsv7/Dsv7/Esv7 Virtual Machines (preview)
Microsoft has announced the Public Preview of new Dlsv7/Dsv7 (general purpose) and Esv7 (memory optimized) virtual machines powered by Intel® Xeon® 6 processors (Granite Rapids). These v7 Intel-based VMs are designed to meet growing datacenter compute requirements and target a broad range of workloads, including traditional enterprise applications and AI-driven scenarios. Compared to v6, Microsoft states they deliver up to 15% better general compute performance, supported by turbo frequencies up to 4.2 GHz and up to 2x higher memory bandwidth. The new series also expands scalability, with Dsv7 and Esv7 scaling up to 372 vCPUs and Esv7 offering up to 2.8 TiB of memory. Networking and remote storage performance are also increased through the latest Azure Boost capabilities, with up to 400 Gbps networking bandwidth on the largest sizes and up to 800k IOPS and 20 GBps throughput to Premium SSD v2 and Ultra Disk remote storage on the largest sizes.
Networking
Default Rule Set (DRS) 2.2 for WAF on Azure Application Gateway
Default Rule Set (DRS) 2.2 for Web Application Firewall on Azure Application Gateway is now Generally Available (GA), providing Azure-managed protections against common web vulnerabilities and exploits. DRS 2.2 includes Microsoft Threat Intelligence collection rules—authored in collaboration with Microsoft intelligence teams—to extend coverage, target emerging exploit patterns, and reduce false positives over time. This release is based on OWASP Core Rule Set 3.3.4 and introduces refinements and new protections such as detections for content types declared outside the actual Content-Type header and enhanced remote code execution (RCE) detections, while adding additional Microsoft Threat Intelligence rules that broaden coverage across SQL injection, cross-site scripting (XSS), and other application-layer attack patterns. To help minimize legitimate traffic being blocked, DRS 2.2 ships with Paranoia Level (PL) 1 enabled by default, while PL2 rules remain disabled by default due to their more aggressive behavior and typical need for tuning.
Azure Virtual Network routing appliance (preview)
The Azure Virtual Network routing appliance is now available in Public Preview, providing private connectivity for workloads across virtual networks using specialized hardware designed for low latency and high throughput. Deployed into a private subnet, the appliance acts as a managed forwarding router, enabling traffic steering through User Defined Routes (UDR) to support scenarios such as spoke-to-spoke communication in traditional hub-and-spoke topologies. As an Azure resource, it integrates with Azure’s management and governance model, allowing customers to adopt appliance-based routing without relying on self-managed virtual machine routers.
X-Forwarded-For (XFF) grouping for rate limiting on Application Gateway WAF v2 (preview)
Application Gateway Web Application Firewall (WAF) v2 now supports additional rate-limiting GroupBy options based on the X-Forwarded-For (XFF) HTTP header in Public Preview. This capability helps customers running Application Gateway behind proxies or Content Delivery Networks (CDNs) apply rate limits using the original client IP rather than the TCP source IP, reducing the risk of throttling legitimate users that share the same proxy egress address. In this preview, custom rate-limit rules can be grouped by Client Address (XFF) or Geo Location (XFF), allowing security teams to more accurately identify and mitigate abusive or high-volume traffic patterns while continuing to use the existing Application Gateway WAF v2 custom rate-limit rules and policy model.
Storage
Azure Container Storage v2.1.0 with Elastic SAN integration and on-demand installation
Azure Container Storage v2.1.0 is now Generally Available (GA), adding native integration with Elastic SAN and introducing a modular, on-demand installation model to simplify deployment and ongoing operations for Kubernetes workloads on Azure. With Elastic SAN supported as a native storage type, customers can provision scalable volume groups and consolidate large numbers of Kubernetes volumes under a single SAN resource, improving attach/detach performance, increasing throughput, and reducing management overhead for stateful applications. The release also includes streamlined setup, improved defaults, and enhanced automation for Elastic SAN resource creation and volume group configuration. In addition, the new modular installation approach allows clusters to deploy only the components required for the chosen storage type, reducing footprint and accelerating rollout, while node selector support provides more precise placement of Azure Container Storage components—useful for dedicated storage node pools or mixed cluster topologies.
Azure NetApp Files support in OpenShift Virtualization (preview)
Azure NetApp Files support in OpenShift Virtualization is now available in Public Preview, enabling faster virtual machine provisioning, instant cloning, and live migration for VM workloads running on OpenShift Virtualization. Microsoft positions Azure NetApp Files as providing scalable storage with predictable performance and enterprise data management capabilities for scenarios ranging from infrastructure VMs to business-critical databases. This preview is available in all Azure regions where Azure NetApp Files and Azure Red Hat OpenShift are offered.
Azure NetApp Files Elastic zone-redundant service level (preview)
Azure NetApp Files Elastic zone-redundant storage (ANF Elastic ZRS) is now available in Public Preview as an advanced high-availability service level designed to keep data continuously accessible with zero data loss, even if an entire Availability Zone becomes unavailable. Built on Azure Zone-redundant storage (ZRS) architecture and compute infrastructure, ANF Elastic ZRS synchronously replicates file data across availability zones within a region, removing single points of failure without requiring special configuration or manual intervention. Microsoft positions this capability as particularly suitable for metadata-intensive workloads across VMs and containers—such as AI, analytics, and Kubernetes/OpenShift environments—while also offering operational simplicity and flexible sizing, including volumes as small as 1 GiB.
Conclusion
Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Local. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.
