Category Archives : Networking

03

Jul

Network Performance Monitor is now generally available in UK South region

Network Performance Monitor (NPM) – a cloud-based network monitoring solution for cloud-only, on-premises, and hybrid networking environments, is now generally available in the UK South region.

Customers in this region can now use various capabilities of NPM, such as:

Performance Monitor to monitor connectivity between various locations on the network, visualize the health of all paths on the network, and troubleshoot issues. The Network State Recorder feature allows for the debugging of transient network issues that may have occurred in the past. ExpressRoute Monitor to monitor the availability of ExpressRoute circuits. The health of end to end connectivity, spanning on-premises locations, service provider network (ExpressRoute circuit), and one or more VNETs in Azure can be monitored. Recent additions enable monitoring of Microsoft peering, i.e., connectivity to Office 365, Dynamics, SharePoint, and other productivity services. Service Connectivity Monitor to monitor network connectivity to web based (SaaS and internal line of business) applications and URIs from various locations. The Service Connectivity Monitor correlates application responsiveness with network performance and helps determine if the poor application experience is impacted by network issues.

Chart of application response time and network latency. Significant variation in network latency (represented by the orange line) at noon,

Share

26

Jun

New zone-redundant VPN and ExpressRoute gateways now in public preview

As with all of Azure, we are continuously innovating, upgrading, and refining our virtual network gateways to further increase reliability and availability.

Today, we are sharing the public preview of zone-redundant VPN Gateway and ExpressRoute virtual network gateways. By adding support for Azure Availability Zones, we bring increased resiliency, scalability, and higher availability to virtual network gateways.

You can now deploy VPN and ExpressRoute gateways in Azure Availability Zones. This physically and logically separates them into different Availability Zones protecting your on-premises network connectivity to Azure from zone-level failures. Additionally, we have made fundamental performance improvements including reducing the deployment time to create a virtual network gateway.

To automatically deploy your virtual network gateways across availability zones, you can use zone-redundant virtual network gateways.

Zone-redundant virtual network gateways use specific new gateway SKUs for VPN Gateway and ExpressRoute. To begin using zone-redundant, you can self-enroll your subscription in the public preview. Once you enroll, you will start seeing the new gateway SKUs in all the Azure Availability Zone regions. See the getting started guide for steps to self-enroll, to view information about the new gateway SKUs, and for configuration information.

The new gateway SKUs also support other deployment options

Share

26

Jun

New zone-redundant VPN and ExpressRoute gateways now in public preview

As with all of Azure, we are continuously innovating, upgrading, and refining our virtual network gateways to further increase reliability and availability.

Today, we are sharing the public preview of zone-redundant VPN Gateway and ExpressRoute virtual network gateways. By adding support for Azure Availability Zones, we bring increased resiliency, scalability, and higher availability to virtual network gateways.

You can now deploy VPN and ExpressRoute gateways in Azure Availability Zones. This physically and logically separates them into different Availability Zones protecting your on-premises network connectivity to Azure from zone-level failures. Additionally, we have made fundamental performance improvements including reducing the deployment time to create a virtual network gateway.

To automatically deploy your virtual network gateways across availability zones, you can use zone-redundant virtual network gateways.

Zone-redundant virtual network gateways use specific new gateway SKUs for VPN Gateway and ExpressRoute. To begin using zone-redundant, you can self-enroll your subscription in the public preview. Once you enroll, you will start seeing the new gateway SKUs in all the Azure Availability Zone regions. See the getting started guide for steps to self-enroll, to view information about the new gateway SKUs, and for configuration information.

The new gateway SKUs also support other deployment options

Share

25

Jun

Network Performance Monitor’s Service Connectivity Monitor is now generally available

Network Performance Monitor’s (NPM) Service Connectivity Monitor, previously in preview as Service Endpoint Monitor, is making general availability sporting a new name. With Service Connectivity Monitor, you can now monitor connectivity to services such as applications, URIs, VMs, and network devices, as well as determine what infrastructure is in the path and where network bottlenecks are occurring.

As services and users are becoming more dispersed across clouds, branch offices, and remote geographies, it is becoming more difficult to determine the cause of a service outage or performance degradation. These can be due to an issue with the application, stack, or cluster as well as network issues in the cloud, the carrier network, or in the first-mile. Service Connectivity Monitor integrates the monitoring and visualization of the performance of your internally hosted and cloud services with the end-to-end network performance. You can create connectivity tests from key points in your network to your services and identify whether the problem is due to the network or the application. With the network topology map, you can locate the links and interfaces experiencing high loss and latencies, helping you identify external and internal troublesome network segments.

Determine if it’s an application or a network

Share

20

Jun

Traffic Analytics now generally available
Traffic Analytics now generally available

We are excited to announce the general availability (GA) of the Traffic Analytics, a SaaS solution that provides visibility into user and application traffic on your cloud networks.

Since the public preview, three months ago, the solution has analyzed several terabytes of Flow logs on a regular basis for network activity across virtual subnets, VNets, Azure data center regions and VPNs, and provided actionable insights that helped our customers:

Audit their networks and root out shadow-IT and non-compliant workloads. Optimize the placement of their workloads and improve the user experience for their end users. Detect security issues and improve application and data security. Reduce costs and right size their deployments by eliminating the issue of over-provisioning or under-utilization. Gain visibility into their public cloud networks spanning multiple Azure regions across numerous subscriptions.

This GA release includes enhancements that help you detect issues and secure/optimize your network, faster and more intuitively than before.

Some of the enhancements in this release are:

Your environment: Provides a view into your entire Azure network, identifies inactive regions, virtual networks, and subnets – for example, network locations with VMs and no network activity for further analysis. Detects malicious flows as they flow across application gateways,

Share

20

Jun

Traffic Analytics now generally available
Traffic Analytics now generally available

We are excited to announce the general availability (GA) of the Traffic Analytics, a SaaS solution that provides visibility into user and application traffic on your cloud networks.

Since the public preview, three months ago, the solution has analyzed several terabytes of Flow logs on a regular basis for network activity across virtual subnets, VNets, Azure data center regions and VPNs, and provided actionable insights that helped our customers:

Audit their networks and root out shadow-IT and non-compliant workloads. Optimize the placement of their workloads and improve the user experience for their end users. Detect security issues and improve application and data security. Reduce costs and right size their deployments by eliminating the issue of over-provisioning or under-utilization. Gain visibility into their public cloud networks spanning multiple Azure regions across numerous subscriptions.

This GA release includes enhancements that help you detect issues and secure/optimize your network, faster and more intuitively than before.

Some of the enhancements in this release are:

Your environment: Provides a view into your entire Azure network, identifies inactive regions, virtual networks, and subnets – for example, network locations with VMs and no network activity for further analysis. Detects malicious flows as they flow across application gateways,

Share

31

May

VNet service endpoints for Azure database services for MySQL and PostgreSQL in preview

This blog post was co-authored by Anitha Adusumilli, Principal Program Manager, Azure Networking.

We recently made Azure database services for MySQL and PostgreSQL generally available. These services offer the community versions of MySQL and PostgreSQL with built-in high availability, a 99.99% availability SLA, elastic scaling for performance, and industry leading security and compliance on Azure. Since general availability, we have continued to bring new features and capabilities like increased storage and availability across more regions worldwide.

We are excited to announce the public preview of Virtual Network (VNet) service endpoints for Azure Database for MySQL and PostgreSQL in all regions where the service is available. Visit region expansion for MySQL and PostgreSQL for service availability. VNet service endpoints enable you to isolate connectivity to your logical server from only a given subnet or set of subnets within your virtual network. The traffic to Azure Database for MySQL and/or PostgreSQL from your VNet always stays within the Azure backbone network. Preference for this direct route is over any specific ones that route Internet traffic through virtual appliances or on-premises.

There is no additional billing for virtual network access through service endpoints. The current pricing model for Azure Database for MySQL and

Share

17

May

New Azure Network Watcher integrations and Network Security Group Flow Logging updates

Azure Network Watcher provides you the ability to monitor, diagnose, and gain insights into your network in Azure.

Among its suite of capabilities, Network Watcher offers the ability to log network traffic through Network Security Group (NSG) Flow Logging. When NSG Flow Logging is enabled, you gain access to Network flow-level data that has endless applications in security, compliance, and traffic monitoring use cases. Deeper analysis of this NSG flow data is available in Network Watcher using Traffic Analytics, which is currently in preview.

Since Azure Network Watcher’s inception, we have continuously partnered with leaders in the SIEM and Log Management industry to provide a rich ecosystem of tools that seamlessly integrate and understand your network in Azure. I would like to highlight two of the most recent partners, offering customers additional choice and value through integration with Azure. On top of our growing ecosystem, we have now enabled the option to send NSG Flow Log data across subscriptions which greatly enhances log management in larger environments.

McAfee Cloud Workload Security integration

Recently, McAfee announced the general availability of the Cloud Workload Security (CWS) Platform in Azure including integration with Network Watcher. CWS automates the discovery and defense of elastic workloads

Share

17

May

Announcing SQL Advanced Threat Protection (ATP) and SQL Vulnerability Assessment general availability

We are delighted to announce the general availability of SQL Vulnerability Assessment for Azure SQL Database! SQL Vulnerability Assessment (VA) provides you a one-stop-shop to discover, track and remediate potential database vulnerabilities. It helps give you visibility into your security state, and includes actionable steps to investigate, manage and resolve security issues, and enhance your database fortifications. VA is available for Azure SQL Database customers as well as for on-premises SQL Server customers via SSMS.

If you have data privacy requirements or need to comply with data protection regulations like the European Union General Data Protection Regulation (EU GDPR), then VA is your built-in solution to simplify these processes and monitor your database protection status. For dynamic database environments where changes are frequent and hard to track, VA is invaluable in detecting the settings that can leave your database vulnerable to attack.

New SQL Advanced Threat Protection (ATP)

VA is being released to general availability (GA) as part of a new security package for your Azure SQL Database, called SQL Advanced Threat Protection (ATP). ATP provides a single go-to location for discovering, classifying and protecting sensitive data, managing your database vulnerabilities, and detecting anomalous activities that could indicate a

Share

09

May

Azure Networking May 2018 announcements
Azure Networking May 2018 announcements

This week is Microsoft Build 2018, our premiere event of the year for our gifted developer audience. With a strong appetite for technology and a desire to learn and immerse themselves in new ways to build and create cloud applications, thousands of software professionals and coders are coming to Seattle this week. We’d like to take this opportunity to let you know about new networking services we have launched as well as enhancements we have made.

As businesses of all sizes increasingly move their mission-critical workloads to Azure, new opportunities arise to simplify the overall network experience, from security and management over monitoring to key areas such as reliability and performance. Launching new services such as DDoS, VNet access to Azure services, zone-aware Application Gateways, a new global scale CDN offering, along with a new and super-fast Load Balancer, we continue to enhance the networking capabilities of Azure and more importantly develop new services and technologies to help customers run, manage, and achieve more when running their most demanding workloads.

Azure DDoS Protection

Last month we announced the general availability (GA) of the Azure DDoS Protection Standard service that provides enhanced DDoS mitigation capabilities for your application and resources deployed

Share