https://azure.microsoft.com/blog/azure-front-door-enhances-secure-cloud-cdn-with-intelligent-threat-protection/This blog post was co-authored by Jessie Jia, Senior Program Manager The Internet is the new corporate network and the fabric that connects users, devices, and data to applications of all types. It is foundational to how organizations run their businesses, engage their customers, conduct commerce, operate their supply chain, and enable their READ MORE
Increasing competition and ever-growing demand for mobile, always-on services challenges operators to find new strategies to grow profits and gain a competitive edge. To succeed, operators also need to embrace three critical trends:
Changing the economics of their service model. Finding new revenue and shareholder value with 5G. Driving digital transformation, consolidation, and automation.
To address these trends, operators are actively seeking ways to transform their infrastructure, embrace 5G, and evolve their business.
To support operators in capitalizing on this opportunity, we launched the Azure for Operators initiative in September 2020, acting as a trusted partner to provide cloud and edge computing technology and solutions. We are building a platform on the foundation of a carrier-grade cloud and enhanced networking to bring the power of Microsoft’s technology to the operator’s edge. When these capabilities are combined with our broad developer ecosystem and deep business-to-business partnership programs, the result is a unique environment that will help operators accelerate their ability to monetize their network capabilities.
The advent of 5G technology offers network operators unprecedented opportunities to expand their scale and range of services to enterprise customers in particular. Beyond faster data services for smartphones and 5G networks, other emerging technologies
“Microsoft’s global network connects over 60 Azure regions, over 220 Azure data centers, over 170 edge sites, and spans the globe with more than 165,000 miles of terrestrial and subsea fiber. The global network connects to the rest of the internet via peering at our strategically placed edge points of presence (PoPs) around the world. Every day, millions of people around the globe access Microsoft Azure, Office 365, Dynamics 365, Xbox, Bing and many other Microsoft cloud services. This translates to trillions of requests per day and terabytes of data transferred each second on our global network. It goes without saying that the reliability of this global network is critical, so I’ve asked Principal Program Manager Mahesh Nayak and Principal Software Engineer Umesh Krishnaswamy to write this two-part post in our Advancing Reliability series. They explain how we’ve approached our network design, and how we’re constantly working to improve both reliability and performance.”—Mark Russinovich, CTO, Azure
In part one of this networking post, we presented the key design principles of our global network, explored how we emulate changes, our zero touch operations and change automation, and capacity planning.
“Microsoft’s global network connects over 60 Azure regions, over 220 Azure data centers, over 170 edge sites, and spans the globe with more than 165,000 miles of terrestrial and subsea fiber. The global network connects to the rest of the internet via peering at our strategically placed edge points of presence (PoPs) around the world. Every day, millions of people around the globe access Microsoft Azure, Office 365, Dynamics 365, Xbox, Bing, and many other Microsoft cloud services. This translates to trillions of requests per day and terabytes of data transferred each second on our global network. It goes without saying that the reliability of this global network is critical, so I’ve asked Principal Program Manager Mahesh Nayak and Principal Software Engineer Umesh Krishnaswamy to write this two-part post in our Advancing Reliability series. They explain how we’ve approached our network design, and how we’re constantly working to improve both reliability and performance.”—Mark Russinovich, CTO, Azure
Microsoft’s global network is analogous to a highway system. Highways connect major cities and roadways connect small cities to major cities. In this analogy, data centers grouped into Azure regions are the major cities, and the edge PoPs are the small cities.
Whether you’re a new student, thriving startup, or the largest enterprise, you have financial constraints, and you need to know what you’re spending, where, and how to plan for the future. Nobody wants a surprise when it comes to the bill, and this is where Azure Cost Management + Billing comes in.
We’re always looking for ways to learn more about your challenges and how Azure Cost Management + Billing can help you better understand where you’re accruing costs in the cloud, identify and prevent bad spending patterns, and optimize costs to empower you to do more with less. Here are a few of the latest improvements and updates based on your feedback:
Simplify financial reporting with cost allocation, now in preview. Connector for AWS is now generally available. Get pay-as-you-go rates for all Azure products and services. What’s new in Cost Management Labs. Expanded availability of resource tags in cost reporting. 15 ways to optimize your Azure costs. New ways to save money with Azure. Upcoming changes to Azure usage data. Documentation updates.
Let’s dig into the details.
Simplify financial reporting with cost allocation, now in preview
Today we’re announcing the preview of the new ability to deploy and run third-party Network Virtual Appliances such as SD-WAN natively within the Azure Virtual WAN hubs.
As enterprises increasingly adopt the cloud while reducing their costs, IT teams looking to consolidate, accelerate, or even revamp connectivity models should consider Azure Virtual WAN. Modern enterprises require ubiquitous connectivity between hyper-distributed applications, data, and users across the cloud and on-premises.
Since we announced automated and integrated transit capabilities with Azure Virtual WAN as the first in the public cloud back in 2018, the interest to take advantage of Azure when building or re-architecting branch networks for the cloud has grown fast.
Azure Virtual WAN provides a service architecture to take full advantage of Microsoft’s fast global network. Virtual WAN makes it easy to connect Virtual Networks (VNets), Azure ExpressRoute, VPN, and now SD-WAN in “virtual hubs.” The connectivity agnostic approach allows full transit between branches, sites, mobile users, and services using Azure’s global infrastructure.
Barracuda is the first Virtual WAN partner to bring the advantage of this deep integration allowing customers to take advantage of SD-WAN (Software-Defined Wide Area Network) to improve performance while taking advantage of existing investments
We are excited to announce that Azure Load Balancer customers now have instant access to a packaged solution for health monitoring and configuration analysis. Built as part of Azure Monitor for Networks, customers now have topological maps for all their Load Balancer configurations and health dashboards for their Standard Load Balancers preconfigured with relevant metrics.
Through this, you have a window into the health and configuration of your networks, enabling rapid fault localization and informed design decisions. You can access this through the Insights blade of each Load Balancer resource and Azure Monitor for Networks, a central hub that provides access to health and connectivity monitoring for all your network resources.
Visualize functional dependencies
The functional dependency view will enable you to picture even the most complex load balancer setups. With visual feedback on Load Balancing rules, Inbound NAT rules, and backend pool resources, you can make updates while keeping a complete picture of your configuration in mind.
For Standard Load Balancers, your backend pool resources are color-coded with Health Probe status empowering you to visualize the current availability of your network to serve traffic. Alongside the above topology you are presented with a time-wise graph of health status,
Today, we see a huge shift to remote work due to the global pandemic. Organizations around the world need to enable more of their employees to work remotely. We are working to address common infrastructure challenges businesses face when helping remote employees stay connected at scale.
A common operational challenge is to seamlessly connect remote users to on-premises resources. Even within Microsoft, we’ve seen our typical remote access of roughly 55,000 employees spike to as high as 128,000 employees while we’re working to protect our staff and communities during the global pandemic. Traditionally, you planned for increased user capacity, deployed additional on-premises connectivity resources, and had time to re-arrange routing infrastructure to meet organization transit connectivity and security requirements. Today’s dynamic environment demands rapid enablement of remote connectivity. Azure Virtual WAN supports multiple scenarios providing large scale connectivity and security in a few clicks.
Azure Virtual WAN provides network and security in a unified framework. Typically deployed with a hub and spoke topology, the Azure Virtual WAN architecture enables scenarios such as:
Branch connectivity via connectivity automation provided by Virtual WAN VPN/SD-WAN partners. IPsec VPN connectivity. Remote User VPN (Point-to-Site) connectivity. Private (ExpressRoute) connectivity. Intra cloud connectivity (transitive connectivity for
Today we are announcing the general availability of the Rules Engine feature on both Azure Front Door and Azure Content Delivery Network (CDN). Rules Engine places the specific routing needs of your customers at the forefront of Azure’s global application delivery services, giving you more control in how you define and enforce what content gets served from where. Both services offer customers the ability to deliver content fast and securely using Azure’s best-in-class network. We have learned a lot from our customers during the preview and look forward to sharing the latest updates going into general availability.
How Rules Engine works
We recently talked about how we are building and evolving the architecture and design of Azure Front Door Rules Engine. The Rules Engine implementation for Content Delivery Network follows a similar design. However, rather than creating groups of rules in Rules Engine Configurations, all rules are created and applied to each Content Delivery Network endpoint. Content Delivery Network Rules Engine also boasts the concept of a global rule which acts as a default rule for each endpoint that always triggers its action.
General availability capabilities
Azure Front Door
The most important feedback we heard during the Azure Front Door
Starting today, customers of Azure Front Door (AFD) can take advantage of new rules to further customize their AFD behavior to best meet the needs of their customers. These rules bring the specific routing needs of your customers to the forefront of application delivery on Azure Front Door, giving you more control in how you define and enforce what content gets served from where.
Azure Front Door provides Azure customers the ability to deliver content fast and securely using Azure’s best-in-class network. We’ve heard from customers how important it is to have the ability to customize the behavior of your web application service, and we’re excited to announce Rules Engine, a new functionality on Azure Front Door, in preview today. Rules Engine is for all current and new Azure Front Door customers but is particularly important for customers looking to streamline security and content delivery at the edge.
New scenarios in Azure Front Door
Rules Engine allows you to specify how HTTP requests are handled at the edge.
The malleable nature of Rules Engine makes it the ideal solution to address legacy application migrations, where you don’t want to worry about users accessing old applications or not knowing how to