Category Archives : Networking



Visibility into network activity with Traffic Analytics – now in public preview

Today, we are announcing the public preview of Traffic Analytics, a cloud-based solution that provides visibility into user and application traffic on your cloud networks.

Traffic Analytics analyzes NSG Flow Logs across Azure regions and equips you with actionable information to optimize workload performance, secure applications and data, audit your organization’s network activity and stay compliant.

With Traffic Analytics, you now can:

Gain visibility into network activity across your cloud networks. Solution provides insights on: traffic flows across your networks between Azure and Internet, in Azure,  public cloud regions, VNETs and subnets. inter-relationships between critical business services and applications. applications and protocols on your network, without the need for sniffers or dedicated flow collector appliances. Secure your network; Identify threats on your network, such as: flows between your VMs and rogue networks. network ports open to the Internet. applications attempting Internet access. anomalous network traffic behavior (e.g. back-end servers attempting connectivity, to servers outside your network etc.) Improve performance of your applications by: capacity planning – eliminate issues of over-provisioning or under utilization by monitoring utilization trends of VPN gateways and other services. analyzing in-bound and out-bound flows. understanding application access patterns (e.g. Where are



ExpressRoute monitoring with Network Performance Monitor (NPM) is now generally available

We are excited to share the general availability of ExpressRoute monitoring with Network Performance Monitor (NPM). A few months ago, we announced ExpressRoute Monitor with NPM in public preview. Since then, we’ve seen lots of users monitor their Azure ExpressRoute private peering connections, and working with customers we’ve gathered a lot of great feedback. While we’re not done working to make ExpressRoute monitoring best in class, we’re ready and eager for everyone to get their hands on it. In this post, I’ll take you through some of the capabilities that ExpressRoute Monitor provides. To get started, watch a brief demo video explaining ExpressRoute monitoring capability in Network Performance Monitor.

Monitor connectivity to Azure VNETs, over ExpressRoute

NPM can monitor the packet loss and network latency between your on-premises resources (branch offices, datacenters, and office sites) and Azure VNETs connected through an ExpressRoute. You can setup alerts to get proactively notified whenever the loss or latency crosses the threshold. In addition to viewing the near real-time values and historical trends of the performance data, you can use the network state recorder to go back in time to view particular network state in order to investigate the difficult-to-catch transient issues.

Get end-to-end



Virtual Network Service Endpoints and Firewalls for Azure Storage now generally available

This blog post was co-authored by Anitha Adusumilli, Principal Program Manager, Azure Networking.

Today we are announcing the general availability of Firewalls and Virtual Networks (VNets) for Azure Storage along with Virtual Network Service Endpoints. Azure Storage Firewalls and Virtual Networks uses Virtual Network Service Endpoints to allow administrators to create network rules that allow traffic only from selected VNets and subnets, creating a secure network boundary for their data. These features are now available in all Azure public cloud regions and Azure Government. As part of moving to general availability it is now backed by the standard SLAs. There is no additional billing for virtual network access through service endpoints. The current pricing model for Azure Storage applies as is today.

Customers often prefer multiple layers of security to help protect their data. This includes network-based access control protections as well as authentication and authorization-based protections. As part of the general availability of Firewalls and Virtual Networks for Storage and VNet Service Endpoints we enable network-based access control. These new network focused features allow the customer to define network access-based security ensuring that only requests coming from approved Azure VNets or specified public IP ranges will be allowed to



Network Watcher Connection Troubleshoot now generally available

Azure Network Watcher Connection Troubleshoot, previously in preview as Connectivity Check, is making general availability sporting a new name. Connection Troubleshoot, part of our Network Watcher suite of networking tools and capabilities, enable you to troubleshoot network performance and connectivity issues in Azure.

Continuing the expansion of tools within Azure Network Watcher, this new addition provides visualization of the hop by hop path from source to destination, identifying issues that can potentially impact your network performance and connectivity.

Network Watcher Connection Troubleshoot features

With the addition of Connection Troubleshoot, Network Watcher will see an incremental increase in its capabilities and ways for you to utilize it in your day to day operations. You can now:

Check connectivity between source (VM) and destination (VM, URI, FQDN, IP Address) Identify configuration issues that are impacting reachability Provide all possible hop by hop paths from the source to destination Hop by hop latency Latency – min, max, and average between source and destination A topology (graphical) view from your source to destination Number of packets dropped during the connection troubleshoot check

Connectivity troubleshoot check graph view output Source: Azure VM and Destination:

What kind of issues can Connection Troubleshoot detect?




Maximize your VM’s Performance with Accelerated Networking – now generally available for both Windows and Linux

We are happy to announce that Accelerated Networking (AN) is generally available (GA) and widely available for Windows and the latest distributions of Linux providing up to 30Gbps in networking throughput, free of charge! 

AN provides consistent ultra-low network latency via Azure’s in-house programmable hardware and technologies such as SR-IOV. By moving much of Azure’s software-defined networking stack off the CPUs and into FPGA-based SmartNICs, compute cycles are reclaimed by end user applications, putting less load on the VM, decreasing jitter and inconsistency in latency.

With the GA of AN, region limitations have been removed, making the feature widely available around the world. Supported VM series include D/DSv2, D/DSv3, E/ESv3, F/FS, FSv2, and Ms/Mms.

The deployment experience for AN has also been improved since public preview. Many of the latest Linux images available in the Azure Marketplace, including Ubuntu 16.04, Red Hat Enterprise Linux 7.4, CentOS 7.4 (distributed by Rogue Wave Software), and SUSE Linux Enterprise Server 12 SP3, work out of the box with no further setup steps needed. Windows Server 2016 and Windows Server 2012R2 also work out of the box.

All the information needed to deploy a VM with AN can be found here, Windows AN VM



Benefits of migrating IaaS to Azure Resource Manager

Why IaaS on Azure Resource Manager

It has been more than 2 years since we launched IaaS on Azure Resource Manager. Since then, we’ve been busy adding awesome features to this new stack in addition to all the features of the classic stack. Below are some of the features and benefits you get by deploying your infrastructure on Azure Resource Manager:

Compute Managed Disks – Simplify your storage management by exposing disks as a top level resource. In addition, Managed Disks are designed to improve the availability of your virtual machines. Learn more about the other benefits of using Managed Disks. Virtual machine scale sets – Provide a great blend of IaaS like control with PaaS like manageability. Scale sets allow you to reliably deploy and update a large set of virtual machines at large scale. Availability zones – Have peace of mind knowing that your mission critical applications can withstand datacenter-level failures. Instance metadata service – Provides a RESTful endpoint that allows virtual machines instances to get information regarding its compute, network, and upcoming maintenance events from within the virtual machine. Reserved instances – Allows reservation of virtual machines in advance, and significantly reduce costs compared to pay-as-you-go prices.