September was a busy month for Azure product announcements as industry experts descended
on Orlando for the Microsoft Ignite sessions. This brought together over 20,000 people to discuss how to meet the challenges, and enjoy the opportunities, of constant technological change.
The top announcements were grouped around four key areas: security, performance, cognitive services and infrastructure. Here’s our brief run-down of some of the big news coming out of the conference.
Virtual Network Service Endpoints
It’s now easier to keep your content out of public view while you’re developing. Services such as Storage and SQL would usually have Internet-facing IP addresses but the introduction of new Virtual Network (VNet) Service Endpoints take your private network address further. This means you can choose for resources to only be available on your own network in the cloud (VNet).
Denial of service protection for virtual networks
Denial of service attacks by malicious hackers are a growing problem for developers and customers. This has sparked new services from Microsoft for Azure offering protection from targeted DDoS attacks. This is done by letting you access configuration, alerting and telemetry which score against what the normal rate of traffic is to identify and mitigate potential attacks.
Application gateway and web application firewall enhancements
Security enhancements such as the ability to redirect (e.g. HTTP to HTTPS) so that all website traffic is encrypted was another of the Ignite updates. Users can also look at the specific rules used in their security precautions to make sure they’re relevant to their apps.
Simplifying networking security management
Other new ideas are making it easier for users to define network security access policies based on IP addresses. Simplified management processes for Network Security Groups (NSG) using Service Tags, Application Security Groups and enhanced NSG rule capabilities means access and restrictions are much easier to define.
Application Security Groups
On a similar note, Application Security Groups let users create tags that represent a group of VMs and then apply these to NSGs. That could be a group of all your WebServers or AppServers. Using a single name makes it easier to work these frameworks into your security policies.
Microsoft’s leadership team said during Ignite that they had introduced 25 Gbps VMs in 2016 and were now adding 30 Gbps virtual machines (VMs). These are computer environments that recreate the action of software but with the core data stored in the cloud. Increasing the capacity of these systems would provide ultra-low latency and high-speed information transfers for VM to VM traffic.
Direct access to network hardware
Microsoft teams said they had been working with partners to deliver network appliances with super-fast packet processing speed. The Data Plane Development Kit (DPDK) provides direct access to network hardware. One partner, A10, was using Accelerated Networking and DPDK in D series VMs and getting a super-fast information flow of 30Gbps.
Monitoring ExpressRoute with Operations Management Suite
The facility of ExpressRoute lets you privately connect to Microsoft’s cloud services without using the Internet. New capabilities in the Operations Management Suite (OMS) means you can now monitor how well connected these services are with feeds of key results including how quickly information is transferred and how quickly your system reacts. You can also set alerts if these measures change, as well as pull up vital statistics on how your service is running.
Global Virtual Network Peering
New advancements in Global VNet Peering mean VNets in different regions can connect via Microsoft’s global backbone network. ExpressRoute management has been simplified to facilitate this – the Microsoft peering route for this software now covers both public and Microsoft peering access.
Point-to-site (P2S) VPN support for Active Directory (AD) authentication
Customers can now connect to their Azure VNet from any location using a Windows or Mac OS device. Active Directory domain authentication can be used so customers use their organisation’s domain to authenticate their access, rather than inserting certificates on machines.
Azure’s new Load Balancer provides better diagnostics
Load balancing allows you to move and manage VNet traffic across your Network Virtual Appliances (NVAs) such as firewalls or virtual routers. The new Load Balancer uses your system’s Highly Available (HA) Ports to apply a simple rule that means your systems can run more reliably.
Bing custom search
A custom APPI for Bing Custom Search API will be released in October, Microsoft bosses announced. This allows users to significantly improve and expand their search offering. New improvements to this string are improved performance for queries on the Bing Web Search API.
This tool allows for you to learn more about what your customer thinks of your product or service by analysing raw text for clues about positive or negative sentiment. This is done in the form of an API which will give you a sentiment score (ranging from zero to one) for your documents.
This new cognitive function means the API can detect up to 120 languages from input text. This can then be reported as a single language code for every document submitted.
Larger VM sizes
Compute options were being expanded at a rapid rate, Microsoft announced. This means that much larger VM sizes were possible.
Azure file sync
File sharing can be done from a central point in the cloud using the new Azure File Sync. This makes the system for managing information between users much simpler and removes the need for special configuration or code changes.
Azure Cost Management, Azure Policy and Azure Migrate
The first two of these services allow you to monitor your cloud spending and compliance. This will be free for all Azure users, as is a preview of the third service, Azure Migrate. The new Azure Migrate service for virtual machines and server migration and discovery was also under discussion. This facility helps map migration dependencies over to Azure.
Overall, Ignite showed it’s an exciting time for IT, and Microsoft say they are looking to work with developers and users as trusted partners in this era of digital transformation. There’s a lot more yet to come.