Our latest enhancements fortify halfway web capabilities for mission-critical applications moving successful the cloud.

In an epoch defined by the transformative powerfulness of AI, industries are reimagining the possibilities of predictive analytics, automation, and real-time decision-making. AI is present ubiquitous, reshaping sectors from retail and concern to healthcare and biotechnology. While caller applications harness AI’s potential, it’s the improvement of existing applications done generative AI methodologies that drives exponential progress. With applications migrating to the unreality astatine an expanding pace, unreality platforms service arsenic the captious backbone of this transformation, connecting users to applications, applications to AI models, and models to the information and computational resources they need.

Microsoft Azure’s networking services uniquely empower businesses to capitalize connected this integer evolution. Our latest enhancements fortify halfway web capabilities: reinforcing security, performance, and reliability for mission-critical applications moving successful the cloud.

We are excited to stock with you our latest announcements and advancements that fortify the halfway web services successful Azure crossed our halfway pillars of security, reliability, scale, and workload productivity.

In an epoch wherever cyber threats are much blase and pervasive than ever, accepted information practices are nary longer capable to support captious assets and data. Zero Trust Network Security is not conscionable a concept—it’s an imperative, built astir the rule that systems should beryllium “Secure by Default”.

Bastion by default

As portion of our ngo to supply a “secure by default” level for our customers, I americium excited to item a caller announcement of ours, the general availability of the Bastion Developer SKU. The Bastion work is utilized by a multitude of customers successful Azure to alteration distant desktop (RDP) and unafraid ammunition (SSH) entree for their virtual machines (VMs) without exposing them publically to the Internet. This was made imaginable by a afloat managed and dedicated Bastion server moving wrong the virtual network. Now, with Bastion Developer SKU, we are offering a “no cost” solution that allows users to found a secure one-click connection to a single VM at a clip without exposing nationalist IPs on the VMs. Bastion Developer SKU utilizes a shared excavation of resources managed internally by Microsoft for unafraid VM connectivity. Users tin straight entree their VMs done the link acquisition connected the VM leaf successful Azure portal, with enactment for RDP/SSH and SSH-only for CLI sessions. Bastion Developer is cleanable for users seeking unafraid VM connections without the request for further features, configuration, or scaling astatine nary further cost.

Virtual web encryption

With the accelerated maturation of data-sensitive industries similar finance, healthcare, and government, determination is simply a captious request for uncompromising web information to support delicate accusation and guarantee regulatory compliance. Azure’s virtual web encryption addresses this request by providing an businesslike solution for encrypting communications betwixt VMs wrong a virtual network. Now mostly disposable crossed each nationalist Azure regions, this diagnostic represents a important advancement successful unafraid web design, enabling organizations to safeguard information successful transit betwixt VMs without sacrificing show oregon agility.

Virtual web encryption leverages the field programmable gross arrays (FPGAs), successful the big for encrypting the information which allows for the process to beryllium handled with precocious efficiency. By offloading encryption to FPGAs, Azure combines top-notch information with high-speed processing, ensuring that encrypted information flows smoothly crossed the web portion minimizing the interaction connected wide strategy performance.

DNSSEC

Along akin lines, contiguous we are blessed to denote the public preview of DNSSEC support successful Azure. With this, customers tin crook connected DNSSEC connected their Domain Name System (DNS) configuration with a elemental opt-in from portal and API. DNSSEC is simply a captious information diagnostic that helps mitigate issues specified arsenic cache poisoning and antheral successful the mediate attacks, thereby importantly enhancing information for our customers. DNSSEC ensures the integrity and authenticity of DNS responses, providing an further furniture of extortion against cyber threats. Moreover, respective countries present necessitate the usage of DNSSEC making it an indispensable update for compliance. With DNSSEC, Azure DNS continues to present robust and unafraid DNS solutions, empowering businesses to run with assurance successful a safer integer environment. 

 We are arsenic committed to providing a world-class resilient and reliable web infrastructure to enactment customers’ ngo captious workloads. In this regard, I privation to item respective caller enhancements successful the level that bolster this commitment.

ExpressRoute: Enhancing resiliency and precocious availability

In today’s cloud-centric world, ensuring resilient and reliable connectivity is essential, peculiarly for organizations with mission-critical applications. Azure ExpressRoute offers private, high-throughput connections betwixt on-premises environments and Azure, bypassing nationalist net postulation to present little latency and accordant performance.

To further fortify reliability, we’re excited to denote ExpressRoute Metro SKU, present mostly available. The Metro SKU offers redundancy crossed aggregate borderline sites wrong the aforesaid city, guarding against disruptions astatine immoderate azygous location. This multi-site plan allows organizations to physique highly disposable web architectures that stay operational adjacent during unexpected outages astatine 1 borderline site.

For those needing further failover protection, maximum resiliency with ExpressRoute provides dual redundant paths to each borderline site, efficaciously establishing 4 autarkic paths to Azure. This diagnostic is invaluable for sectors similar finance, healthcare, and e-commerce, wherever accordant connectivity is captious for compliance and concern continuity.

Additionally, to simplify implementation, Azure present offers a guided configuration experience for multi-site ExpressRoute. This caller diagnostic successful the Azure portal provides users with a dynamic topology representation and recommendations for optimal tract configuration, empowering teams to marque informed decisions for resilient web deployments.

Azure Load Balancer: Improved manageability

Azure Load Balancer, 1 of the foundational services successful the networking portfolio, is simply a cloud-native precocious show web load balancer that is commonly utilized successful lawsuit deployments. While we proceed to amended the usability, applicability, and standard to conscionable evolving lawsuit requirements, a fewer caller announcements successful this abstraction volition amended the manageability of load balancer significantly.

Admin state

The caller “Admin State” functionality of Load Balancer volition let customers to people a backend lawsuit steadfast oregon unhealthy to power postulation being directed to the instance. Controlling the presumption of the load balancer backend is typically done done wellness probes. However, customers bash person a request to explicitly override the wellness presumption to instrumentality a VM lawsuit retired of rotation for maintenance, upgrades oregon information patching oregon simply for different lawsuit needs. Instead of implementing effect logic and Network Security Group (NSG) rules blocks, customers tin simply people the lawsuit arsenic unhealthy done an API telephone oregon a azygous click successful portal and bring it backmost the aforesaid way. We are besides enhancing the observability of backend wellness done our caller and improved “Load Balancer Health Status” that provides heavy insights into backend lawsuit wellness covering some idiosyncratic and level triggered crushed codes.

Admin authorities and load balancer wellness presumption are some present mostly disposable successful each nationalist unreality regions, Azure China unreality regions and Azure Government unreality regions.

Cross-subscription support

Customers’ property successful Azure is usually dispersed crossed aggregate subscriptions and virtual networks successful Azure and adjacent managed by antithetic unit and departments. Customers find it restrictive to physique an exertion topology conscionable utilizing resources successful a azygous subscription, particularly erstwhile utilizing basal primitives similar load balancers. To code this, Azure load balancers is announcing wide availability of cross-subscription usage betwixt beforehand extremity nationalist IP address, load balancer assets and the backend instances. Such cross-subscription usage allows for amended usage of resources and avoids duplication.

As organizations standard their unreality environments to accommodate growth, they necessitate web solutions that not lone grow capableness but besides guarantee efficient, reliable, and unafraid connectivity. Azure’s caller advancements successful Virtual Network absorption respond to this request by providing robust tools for IP scalability, businesslike code management, and precocious web verification.

Virtual Network Ip Address

A virtual web contiguous supports 65,000 routable IP addresses that could beryllium assigned to virtual machines, virtual instrumentality standard acceptable instances, and pods successful an AKS cluster. While this bounds is much than capable for astir customers successful Azure, immoderate of our cloud-native customers bash necessitate higher standard to support up with instant demands and predominant scale-out and scale-in operations. To code this, Azure is excited to denote the enactment of “1 cardinal routable IP Addresses” successful a virtual web successful preview via the “Ip Prefix connected the Network Interface Card” (NIC) feature. This quality allows an further /28 prefix to beryllium added to the NIC on with a superior /32 Ip address. This increases the usable IP abstraction successful a NIC by 16 times.

Virtual Network IP code manager

With much IP addresses to usage and negociate successful Azure, the greater the request for an IP code absorption strategy becomes. We are blessed to announce the nationalist preview (and soon wide availability) of the IP Address Management (IPAM) solution successful Azure Virtual Network manager in each nationalist unreality regions. IPAM allows organizations to centrally negociate their IP code excavation making it easier to plan, allocate, debar overlaps, and show usage of IP code blocks. Customers tin besides leverage automatic IP code allocation erstwhile caller virtual networks are created to guarantee uniqueness and trim wastage. IPAM besides helps with tracking IP allocations extracurricular Azure making it an all-encompassing solution. IPAM supports some IPv4 and IPv6 code prefixes.

Virtual web verifier

As customers standard their environments successful Aure, the tougher it becomes to debug and troubleshoot web connectivity issues. Azure Network Monitoring and Network Watcher helps with existent clip diagnostics and troubleshooting tools. Azure Virtual Network Manager’s virtual web verifier strategy which is disposable successful preview successful each nationalist unreality regions contiguous adds different furniture of functionality by providing a static investigation of packer travel based connected configuration and power level changes. Customers tin validate their packet flows adjacent earlier they deploy the configuration changes to trim the anticipation of transportation interruptions and packet loss.

In the rapidly evolving satellite of cloud-native applications, managing analyzable container-based architectures with assurance requires robust networking capabilities that guarantee security, performance, and seamless scalability. Azure’s Advanced Container Networking Services is simply a large leap forward, providing foundational enactment and caller capabilities for developers deploying microservices and Kubernetes applications successful the cloud.

Advanced Container Networking Services

Azure provides foundational web capabilities specified arsenic Azure Virtual Network and Azure CNI for IP code management, routing, and web argumentation enforcement.  Network virtual functions similar load balancing, Azure Firewall for instrumentality apps, and Application Gateway for Containers are besides provided  to assistance tally micro-services and Kubernetes applications successful Azure. On this continuing journey, we are excited to denote the wide availability of Advanced Container Networking Services, which provides heavy insights into web postulation and exertion show helping you confidently negociate and standard your infrastructure. Using the show and information enforcement capabilities of Azure CNI powered by Cilium, Advanced Container Networking Services provides resilient and highly granular web argumentation and information absorption capabilities. Extending beyond Cilium with Retina, Advanced Container Networking Services leverages Hubble, providing actionable insights and enabling precise detection and solution of Kubernetes web issues. Key features include:

• Deep observability into K8s web postulation and exertion show for faster debugging, incidental solution times and OpEx savings.
  • K8s Pod level metrics similar usage and dropped packets.
  • Transmission power protocol (TCP) and DNS errors and metrics.
  • End to extremity travel logs.
  • Application work connectivity maps.
• Simplified information with DNS filtering policies to support instrumentality workloads portion improving DNS availability.

As we proceed to propulsion the boundaries of networking technology, we’re afloat committed to addressing the caller challenges and opportunities presented by the AI-driven future. Our squad is dedicated to creating innovative, resilient, and unafraid solutions that empower businesses to leverage AI and the unreality to their fullest potential. Our latest updates successful security, reliability, and scalability are designed to empower organizations to negociate their applications with greater assurance and efficiency. We admit that your feedback is captious to our ongoing development, and we promote you to stock your thoughts and experiences with us. Join america astatine our Ignite session ( Unveiling the latest successful Azure Networking for a secure, connected cloud) to research these capabilities successful item and stock your feedback arsenic we enactment unneurotic to unlock the future.