Azure Updates

Author by Mitchell Grande

Ignite 2017, held late last month, contained many exciting announcements for Azure.  Here, we'll highlight some of the best new and updated features.  There are many more than can be listed here so be sure to check out this blog post for a complete rundown.
Virtual Network Service Endpoints
For secure environments, you can now deploy some Azure services to a specific VNet and not expose them to the general internet.  For example, you can have a storage account used by an internal application that can only be accessed from within your Azure network or an Azure SQL Database that can't be accessed from over the public internet.  This severely limits the chance of accidental exposure of information to the general internet.  Currently, only Azure SQL and Azure Storage Accounts support this new feature, but other services will be added in the future.  Read more here
Network Security Groups - Application Security Groups
To simplify Network Security Group deployment, you will soon be able to group your VMs and use those groups in Network Security Groups to reuse and simplify rule setup.  For example, you can create a WebServers VM group, and then create an NSG that allows HTTP and HTTPS traffic to any VMs in that group.  This is an easy way to avoid recreating similar rules across multiple Network Security Groups.  Additionally, you'll be able to create more complex scenarios by combining Application Security Groups with source and destination rules.  Read more here
Availability Zones
To help build highly available workloads, Microsoft has announced the upcoming release of Availability Zones.  Availability Zones are areas within a region with fully isolated power, networking, cooling, etc.  You can think of them as being independent datacenters within a region.  While VMs in an availability set are kept on separate hardware, you can use Availability Zones to further isolate resources from each other.  For example, deploy separate nodes of an SQL AlwaysOn cluster to separate zones to decrease potential downtime from physical datacenter issues.  Availability Zones are currently in limited public preview.  Read more here
Storage File Sync
To allow customers to extend their existing Windows file servers to the cloud easily, Microsoft has released Azure File Sync in Public Preview.  This new feature keeps 1 or more on-premise file servers in sync with an Azure Files storage account.  Previously, Azure Files lived in a storage account, and there was not a native way to synchronize that data out.  With this new feature, you will be able to use Azure Storage as the primary backend for your file shares, and your on-premise file server turns into a local cache of the Azure data.  Since it becomes a cache, the local file server only stores the most recently accessed data – saving disk usage on-premise.  Read more here
This is just a short list of the many new features and services announced at Ignite this year.  Additional highlights are new VM sizes, Azure Migrate, Global VNet Peering, and Azure Storage Tiering.  For more information about upcoming Azure features, see the official update status page.

Mitchell Grande

Systems Engineer

Tags in this Article