Since our public preview announcement at Microsoft Ignite 2018, every month thousands of developers worldwide have leveraged the Azure SignalR Service bindings for Azure Functions to add real-time capabilities to their serverless applications. Today, we are excited to announce the general availability of these bindings in all global regions where Azure SignalR Service is available!
SignalR Service is a fully managed Azure service that simplifies the process of adding real-time web functionality to applications over HTTP. This real-time functionality allows the service to push messages and content updates to connected clients using technologies such as WebSocket. As a result, clients are updated without the need to poll the server or submit new HTTP requests for updates.
Azure Functions provides a productive programming model based on triggers and bindings for accelerated development and serverless hosting of event-driven applications. It enables developers to build apps using the programming languages and tools of their choice, with an end-to-end developer experience that spans from building and debugging locally, to deploying and monitoring in the cloud. Combining Azure SignalR Service with Azure Functions using these bindings, you can easily push updates to the UI of your applications with just a few lines of code.
Today, I am pleased to announce the general availability of Microsoft Azure from our new cloud regions in Cape Town and Johannesburg, South Africa. Nedbank, Peace Parks Foundation, and eThekwini water are just a few of the organizations in Africa leveraging Microsoft cloud services today and will benefit from the increased computing resources and connectivity from our new cloud regions.
The launch of these regions marks a major milestone for Microsoft as we open our first enterprise-grade datacenters in Africa, becoming the first global provider to deliver cloud services from datacenters on the continent. The new regions provide the latest example of our ongoing investment to help enable digital transformation and advance technologies such as AI, cloud, and edge computing across Africa.
By delivering the comprehensive Microsoft Cloud — comprising Azure, Office 365, and Dynamics 365 — from datacenters in a given geography, we offer scalable, available, and resilient cloud services to companies and organizations while meeting data residency, security, and compliance needs. We have deep expertise in protecting data and empowering customers around the globe to meet extensive security and privacy requirements, including offering the broadest set of compliance certifications and attestations in the industry.
With 54 regions
Following the launch of Azure DevOps in September, we’re pleased to announce the official release of Azure DevOps Server 2019! Previously known as Team Foundation Server (TFS), Azure DevOps Server 2019 brings the power of Azure DevOps into your dedicated environment. You can install Azure DevOps Server 2019 into any datacenter or sovereign, and determine when to apply updates.
About Azure DevOps Server
Azure DevOps includes developer collaboration tools which can be used together or independently, including Azure Boards (Work), Azure Repos (Code), Azure Pipelines (Build and Release), Azure Test Plans (Test), and Azure Artifacts (Packages). These tools support all popular programming languages, any platform (including macOS, Linux, and Windows) or cloud, as well as on-premises environments. Like with TFS, you control where you install Azure DevOps Server and when you apply updates. If you prefer to let us manage, use Azure DevOps Services which is available in more geographic regions than any other cloud hosted developer collaboration service.
Download Azure DevOps Server 2019 What’s new?
The release notes describe the major updates from TFS 2018 to Azure DevOps Server 2019, but my key highlights include:
The new navigation, which enables users to easily navigate between services, is more
This blog post was co-authored by Sumeet Mittal, Senior Program Manager, Azure Networking.
Ensure security and limit access to your MariaDB server with the virtual network (VNet) service endpoints now generally available for Azure Database for MariaDB. VNet service endpoints enable you to isolate connectivity to your logical server from a given subnet within your virtual network. The traffic to Azure Database for MariaDB from your VNet always stays within the Azure network. Preference for this direct route is over any specific ones that route Internet traffic through virtual appliances or on-premises.
There is no additional billing for virtual network access through VNet service endpoints. The current pricing model for Azure Database for MariaDB applies as is.
Using firewall rules and VNet service endpoints together
Turning on VNet service endpoints does not override firewall rules that you have provisioned on your Azure Database for MariaDB, both remain applicable.
VNet service endpoints don’t extend to on-premises. To allow access from on-premises, you can use firewall rules to limit connectivity only to your public (NAT) IPs.
To learn more about VNet protection view our documentation, “Use Virtual Network service endpoints and rules for Azure Database for MariDB.”
Turning on service endpoints
For read-heavy workloads that you are looking to scale out, you can use read replicas, which are now generally available to all Azure Database for MySQL users. Read replicas make it easy to horizontally scale out beyond a single database server. This is useful in workloads such as BI reporting and web applications, which tend to have more read operations than write.
The feature supports continuous asynchronous replication of data from one Azure Database for MySQL server (the “master” server) to up to five Azure Database for MySQL servers (the “read replica” servers) in the same region. Read-heavy workloads can be distributed across the replica servers according to your preference. Replica servers are read-only except for writes replicated from data changes on the master.
What’s supported with read replicas?
You can create or delete replica servers based on your workload’s needs. A master server can support up to five replica servers within the same Azure region. Stopping replication to any replica server makes it a standalone read-write server.
From the Azure portal:
Use Azure Monitor to track replication with the “replication lag in seconds” metric:
This is an exciting week for us at Microsoft. At RSA Conference 2019, we are announcing new and exciting capabilities in Azure and Microsoft 365. With this blog post, we wanted to share with you what we have been working on for Azure Security Center. Azure Security Center now leverages machine learning to reduce the attack surface of internet facing virtual machines. Its adaptive application controls have been extended to Linux and on-premises servers, and extends the network map support to peered virtual network (VNet) configurations.
Leveraging machine learning to reduce attack surface
One of the biggest attack surfaces for workloads running in the public cloud are connections to and from the public Internet. Our customers find it hard to know which Network Security Group (NSG) rules should be in place to make sure that Azure workloads are only available to required source ranges. Security Center can now learn the network traffic and connectivity patterns of your Azure workload and provide you with NSG rule recommendations for your internet facing virtual machines. This helps you better configure your network access policies and limit your exposure to attacks.
Azure Security Center uses machine learning to fully automate this process, including an
Today we are excited to launch two new key capabilities to Azure Firewall.
Threat intelligence based filtering Service tags filtering
Azure Firewall is a cloud native firewall-as-a-service offering which enables customers to centrally govern all their traffic flows using a DevOps approach. The service supports both application (such as *.github.com), and network level filtering rules. It is highly available and auto scales as your traffic grows.
Threat intelligence based filtering (preview)
Microsoft has a rich signal of both internal threat intelligence data, as well as third party sourced data. Our vast team of data scientists and cybersecurity experts are constantly mining this data to create a high confidence list of known malicious IP addresses and domains. Azure firewall can now be configured to alert and deny traffic to and from known malicious IP addresses and domains in near real-time. The IP addresses and domains are sourced from the Microsoft Threat Intelligence feed. The Microsoft Intelligent Security Graph powers Microsoft Threat Intelligence and provides security in multiple Microsoft products and services, including Azure Security Center and Azure Sentinel.
Threat intelligence-based filtering is default-enabled in alert mode for all Azure Firewall deployments, providing logging of all matching indicators. Customers can adjust behavior
When someone mentions the words “Internet of Things,” often the first picture that comes to mind is some sort of device with the Internet “built-in.” However, a built-in design involves months or years of design work and applies only to devices that have yet to come to market. How do businesses leverage IoT for the billions of devices already in the field without creating a large security risk? Within the Azure Sphere team, we have a term for those scenarios that is called “brownfield” deployments. Josh Nash, our product planner, is guest blogging today to tell you more about brownfield IoT and how Azure Sphere can safely connect devices already deployed in the field.
– Ed Nightingale
As a product planner, I have spent thousands of hours meeting with partners and customers to understand their needs to ensure that our product is not only secured, but also practical and useful. Our first focus is often on new devices, which are devices that have Azure Sphere deeply integrated into the product platform. We refer to these devices as “greenfield” scenarios. These scenarios shine as Azure Sphere’s value proposition resonates soundly, and the implementation is comparatively more straightforward due to
Security can be a never-ending saga—a chronicle of increasingly sophisticated attacks, volumes of alerts, and long resolution timeframes where today’s Security Information and Event Management (SIEM) products can’t keep pace.
SecOps teams are inundated with a very high volume of alerts and spend far too much time in tasks like infrastructure set up and maintenance. As a result, many legitimate threats go unnoticed. An expected shortfall of 3.5M security professionals by 2021 will further increase the challenges for security operations teams. You need a solution that empowers your existing SecOps team to see the threats clearer and eliminate the distractions.
That’s why we reimagined the SIEM tool as a new cloud-native solution called Microsoft Azure Sentinel. Azure Sentinel provides intelligent security analytics at cloud scale for your entire enterprise. Azure Sentinel makes it easy to collect security data across your entire hybrid organization from devices, to users, to apps, to servers on any cloud. It uses the power of artificial intelligence to ensure you are identifying real threats quickly and unleashes you from the burden of traditional SIEMs by eliminating the need to spend time on setting up, maintaining, and scaling infrastructure. Since it is built on Azure, it offers
Today, we are very excited to announce the general availability of Azure Lab Services – your computer labs in the cloud.
With Azure Lab Services, you can easily set up and provide on-demand access to preconfigured virtual machines (VMs) to teach a class, train professionals, run hackathons or hands-on labs, and more. Simply input what you need in a lab and let the service roll it out to your audience. Your users go to a single place to access all their VMs across multiple labs, and connect from there to learn, explore, and innovate.
Since our preview announcement, we have had many customers use the service to conduct classes, training sessions, boot camps, hands on labs, and more! For classroom or professional training, you can provide students with a lab of virtual machines configured with exactly what you need for class and give each student a specified number of hours to use the VMs for homework or personal projects. You can run a hackathon or a hands-on lab at conferences or events and scale up to hundreds of virtual machines for your attendees. You can also create an invite-only private lab of virtual machines installed with your prerelease software to