Today, we are excited to announce the general availability of Azure Storage Service Encryption with customer managed keys integrated with Azure Key Vault for Azure Blob and File Storage. Azure customers already benefit from Storage Service Encryption for Azure Blob and File Storage using Microsoft managed keys.
Storage Service Encryption with customer managed keys uses Azure Key Vault that provides highly available and scalable secure storage for RSA cryptographic keys backed by FIPS 140-2 Level 2 validated Hardware Security Modules (HSMs). Key Vault streamlines the key management process and enables customers to maintain full control of keys used to encrypt data, manage, and audit their key usage.
This is one of the most requested features by enterprise customers looking to protect sensitive data as part of their regulatory or compliance needs, HIPAA and BAA compliant.
Customers can generate/import their RSA key to Azure Key Vault and use it with Storage Service Encryption. Azure Storage handles the encryption and decryption in a fully transparent fashion using envelope encryption in which data is encrypted using an AES 256 based key, which is in turn protected using the customer managed key stored in Azure Key Vault.
Customers can rotate their key in
We are delighted to announce the public preview of SQL Information Protection, introducing advanced capabilities built into Azure SQL Database for discovering, classifying, labeling, and protecting the sensitive data in your databases. Similar capabilities are also being introduced for on-premises SQL Server via SQL Server Management Studio.
Discovering and classifying your most sensitive data, including business, financial, healthcare, and PII, can play a pivotal role in your organizational information protection stature. It can serve as infrastructure for:
Helping meet data privacy standards and regulatory compliance requirements, such as GDPR. Data-centric security scenarios, such as monitoring (auditing) and alerting on anomalous access to sensitive data. Controlling access to and hardening the security of databases containing highly sensitive data. What is SQL Information Protection?
SQL Information Protection (SQL IP) introduces a set of advanced services and new SQL capabilities, forming a new information protection paradigm in SQL aimed at protecting the data, not just the database:
Discovery and recommendations – The classification engine scans your database and identifies columns containing potentially sensitive data. It then provides you an easy way to review and apply the appropriate classification recommendations via the Azure portal. Labeling – Sensitivity classification labels can be persistently tagged on
Integrating geography and location information with AI brings a powerful new dimension to understanding the world around us. This has a wide range of applications in a variety of segments, including commercial, governmental, academic or not-for-profit. Geospatial AI provides robust tools for gathering, managing, analyzing and predicting from geographic and location-based data, and powerful visualization that can enable unique insights into the significance of such data.
Available today, Microsoft and Esri will be offering the GeoAI Data Science Virtual Machine (DSVM) as part of our Data Science Virtual Machine/Deep Learning Virtual Machine family of products on Azure. This is a result of a collaboration between the two companies and will bring AI, cloud technology and infrastructure, geospatial analytics and visualization together to help create more powerful and intelligent applications.
At the heart of the GeoAI Virtual Machine is ArcGIS Pro, Esri’s next-gen 64-bit desktop geographic information system (GIS) that provides professional 2D and 3D mapping in an intuitive user interface. ArcGIS Pro is a big step forward in advancing visualization, analytics, image processing, data management and integration.
ArcGIS Pro is installed in a Data Science Virtual Machine (DSVM) image from Microsoft. The DSVM is a popular experimentation and modeling
Azure SQL Database Premium tier supports multiple redundant replicas for each database that are automatically provisioned in the same datacenter within a region. This design leverages the SQL Server AlwaysON technology and provides resilience to server failures with 99.99% availability SLA and RPO=0. With the introduction of Azure Availability Zones, we are happy to announce that the SQL Database now offers built-in support of the Availability Zones in its Premium service tier. By placing the individual database replicas to different availability zones, it makes the Premium databases resilient to the much larger set of failures, including catastrophic datacenter outages. The built-in support of Availability Zones further enhances the High Availability (HA) solutions in Azure SQL Database. For more information see High-availability and Azure SQL Database.
To take advantage of this capability, you simply select the zone redundant option during the database or elastic pool creation. You can also enable it for existing databases or pools. If the availability zones are supported in the region where your database or pool is deployed, Azure SQL will automatically reconfigure it without any downtime.
You can use the Azure portal to enable zone redundant database configuration as illustrated on the following diagram.
The confluence of cloud, data and AI is driving unprecedented change. The ability to utilize data and turn it into breakthrough actions and experiences, is foundational to innovation today. Organizations are using cloud technologies to accelerate the innovation that drives their business—migrating applications and data to the cloud is a key initiative within this strategy.
Only Microsoft delivers a consistent and global platform optimized for hybrid cloud for all applications and data. Microsoft provides the flexibility to maintain consistent hybrid cloud environments, while also providing rich choice of migration and modernization options. This consistency enables you to distribute your applications and data workloads on your terms, without the complexity of having to maintain different skillsets, systems, and tools while extracting the insights from data to drive innovation.
Today, we are excited to announce investments that dramatically expand the choice and ROI of moving your SQL Server and open source applications to Azure. SQL Server customers can now try the preview for SQL Database Managed Instance, Azure Hybrid Benefit for SQL Server license benefit which can help customers save up to 30%*, and Azure Database Migration Service preview for Managed Instance. Additionally, we are excited to announce the preview for
A couple of months back, we announced the general availability of App Service on Linux, starting with support for .NET Core, Node.js, Ruby, PHP, and custom Docker containers. Today, we are glad to share the public preview of Java apps on App Service. This release includes built-in support for Apache Tomcat 8.5/9.0 and OpenJDK 8, making it easy for Java developers to deploy web or API apps to Azure. Just bring your .jar or .war file to Azure App Service and we’ll take care of the capacity provisioning, server maintenance, and load balancing.
Create and deploy a Java web app easily
Creating a Java web app is easy with App Service using our out-of-box support for Tomcat and OpenJDK. You can deploy your .jar or .war file to Azure and get it up and running at scale with just a few clicks. If you have other preferred images such as Jetty or a different JRE, you can also build your own Docker image and deploy it to App Service.
Here’s an example of creating a Java web app with a Tomcat image in the portal:
App Service integrates well with your favorite code repos, IDEs, and CLI tools. You
This blog post was co-authored by Eric Hudson, Senior Product Marketing Manager, CADD & AI.
We’re excited to announce the preview of Azure SQL Database Managed Instance, a new deployment option in SQL Database that streamlines the migration of SQL Server workloads to a fully managed database service. This new Managed Instance deployment option provides full SQL Server engine compatibility and native virtual network (VNET) support.
“SQL Managed Instance is that happy medium we were looking for. We needed the power and compatibility of SQL Server, but without the management overhead and cost that comes with running VMs 24×7. Not only will we get that power and ease of management, we’ll also be able to use the Azure Hybrid Benefit, which allows us to use our existing SQL Server licensing through Software Assurance. Developing, deploying, and managing our application is getting a whole lot easier and cheaper with Azure and SQL Managed Instance.”
Robert Shurbet, Senior Software Development Professional, Pivot Technology Solutions
Migrate your databases to a fully-managed service
Azure SQL Database is a fully-managed database service, which means that Microsoft operates SQL Server for you and ensures its availability and performance. SQL Database also includes innovative
Azure Security Center provides several threat prevention mechanisms to help you reduce surface areas susceptible to attack. One of those mechanisms is Just-in-Time (JIT) VM Access. Today we are excited to announce the general availability of Just-in-Time VM Access, which reduces your exposure to network volumetric attacks by enabling you to deny persistent access while providing controlled access to VMs when needed.
When you enable JIT for your VMs, you can create a policy that determines the ports to be protected, how long ports remain open, and approved IP addresses from where these ports can be accessed. The policy helps you stay in control of what users can do when they request access. Requests are logged in the Azure Activity Log, so you can easily monitor and audit access. The policy will also help you quickly identify existing virtual machines that have JIT enabled and virtual machines where JIT is recommended.
Looking to transform your business by improving your on-premises environments, accelerating your move to the cloud, and gaining transformative insights from your data? Here’s your opportunity to learn from the experts and ask the questions that help your organization move forward.
Join us for one or all of these training sessions for a deep dive into a variety of topics, including products like SQL Server 2017, Azure SQL Database, and Azure Cosmos DB, along with Microsoft innovations in artificial intelligence, advanced analytics, and big data.
SQL Server 2017
It’s all about choice. Now, you have the flexibility of leveraging SQL Server 2017’s industry-leading performance and security wherever you like—whether that’s on Windows, Linux, or Docker containers. We’re hosting two training sessions this month to help you learn more about the many exciting features of SQL Server 2017.
Industry-leading performance and security with SQL Server 2017
In this webinar, learn more about innovative SQL Server 2017 features that enhance your applications, analytics, and business intelligence (BI) workloads, including:
Automated tuning features such as Adaptive Query Processing and Automatic Plan Correction for faster, more consistent performance. Advanced security features such as encryption at rest and in use, dynamic data masking, and row-level
When we announced the preview of our new NCv3 virtual machines back in November, I knew they’d be very popular with our customers. NCv3 brings NVIDIA’s latest GPU – the Tesla V100 – to our best-in-class HPC, machine learning, and AI products to bring huge amounts of value across a variety of industries. One preview customer told us their speech recognition models trained in less than 20 minutes, instead of the 1-2 hours that previous generation GPUs required. Another customer told us about the 40-50% performance boost they saw on their reservoir simulations.
With these fantastic customer success stories, I am ecstatic to announce that the NCv3 virtual machines are now generally available in the US East region. We’ll be adding NCv3 to EU West and US South Central later this month. We’ll add AP Southeast in April and UK South and IN Central in May.
But this isn’t the only GPU announcement I am making today. We’re also expanding our NV series, which enables powerful remote visualization applications, into the US East 2, US Gov Virginia, and Central India regions. And our ND series, designed for AI and machine learning workloads, are expanding into the US South Central, AP