Azure Security Center provides several threat prevention mechanisms to help you reduce surface areas susceptible to attack. One of those mechanisms is Just-in-Time (JIT) VM Access. Today we are excited to announce the general availability of Just-in-Time VM Access, which reduces your exposure to network volumetric attacks by enabling you to deny persistent access while providing controlled access to VMs when needed.
When you enable JIT for your VMs, you can create a policy that determines the ports to be protected, how long ports remain open, and approved IP addresses from where these ports can be accessed. The policy helps you stay in control of what users can do when they request access. Requests are logged in the Azure Activity Log, so you can easily monitor and audit access. The policy will also help you quickly identify existing virtual machines that have JIT enabled and virtual machines where JIT is recommended.
When we announced the preview of our new NCv3 virtual machines back in November, I knew they’d be very popular with our customers. NCv3 brings NVIDIA’s latest GPU – the Tesla V100 – to our best-in-class HPC, machine learning, and AI products to bring huge amounts of value across a variety of industries. One preview customer told us their speech recognition models trained in less than 20 minutes, instead of the 1-2 hours that previous generation GPUs required. Another customer told us about the 40-50% performance boost they saw on their reservoir simulations.
With these fantastic customer success stories, I am ecstatic to announce that the NCv3 virtual machines are now generally available in the US East region. We’ll be adding NCv3 to EU West and US South Central later this month. We’ll add AP Southeast in April and UK South and IN Central in May.
But this isn’t the only GPU announcement I am making today. We’re also expanding our NV series, which enables powerful remote visualization applications, into the US East 2, US Gov Virginia, and Central India regions. And our ND series, designed for AI and machine learning workloads, are expanding into the US South Central, AP
A few months ago, we announced Azure Migrate – a new service that provides guidance and insights to help you migrate to Azure. Today, we’re excited to announce that Azure Migrate is generally available.
Azure Migrate is offered at no additional charge and provides appliance-based, agentless discovery of your on-premises environments. It enables discovery of VMware-virtualized Windows and Linux VMs today and will enable discovery of Hyper-V environments in the future. It also provides an optional, agent-based discovery for visualizing interdependencies between machines to identify multi-tier applications. This enables you to plan your migration across three dimensions:
Readiness: Are the machines that host my multi-tier application suitable for running in Azure? Rightsizing: What size will my Azure VM be, based on my machine’s configuration or utilization? Cost: How much will my recurring Azure costs be, taking into account discounts like Azure Hybrid Benefit?
Many of you are already using Azure Migrate in production to accelerate your migration journey. Thank you for using the preview service, and for providing us with valuable feedback. Here are some new features added after the preview:
Configuration-based sizing: Size your machine as-is, based on configuration settings such as number of CPU cores and size
We are thrilled to announce the availability of B-series VM’s, burstable VM’s in Azure Container Service (AKS).
Burstable VM’s (B-series) are significantly cheaper compared to standard and optimal recommended VM’s like Standard_DS2_V2. B-series VM’s are particularly suited for development and test environments where performance requirements are bursts rather than consistent. In fact, B-Series provides the cheapest cost with bursts CPU usage and thus reduces development and test environment costs significantly. We hope that this addition will significantly reduce the cost of learning Kubernetes AKS, building proof of concepts on Azure Container Service (AKS), running dev/test workloads, etc.
The following configurations are available today.
SKU Type VCPUS GB Ram Data Disks Max IOPS Local SSD B1s Standard 1 1 2 800 2GB B1ms Standard 1 2 2 1600 4GB B2s Standard 2 4 4 3200 8GB B2ms Standard 2 8 4 4800 16GB B4ms Standard 4 16 8 7200 32GB B8ms Standard 8 32 16 10800 64GB
In comparison, a Standard_DS2_V2 node costs greater than five times the B1/B2 SKU’s today. Check the latest VM pricing.
To get started log on to the Azure portal and search for Container Service (managed). As you follow the AKS create cluster workflow, you will
Today, we are excited to announce the public preview of backup for Azure file shares. Azure Files is a cloud-first file share solution with support for industry standard SMB protocol. Through this preview, Azure Backup enables a native backup solution for Azure file shares, a key addition to the feature arsenal to enable enterprise adoption of Azure Files. Using Azure Backup, via Recovery Services vault, to protect your file shares is a straightforward way to secure your files and be assured that you can go back in time instantly.
Key features Discover unprotected file shares: Utilize the Recovery Services vault to discover all unprotected storage accounts and file shares within them. Backup multiple files at a time: You can back up at scale by selecting multiple file shares in a storage account and apply a common policy over them. Schedule and forget: Apply a Backup policy to automatically schedule backups for your file shares. You can schedule backups at a time of your choice and specify the desired retention period. Azure Backup takes care of pruning these backups once they expire. Instant restore: Since Azure Backup utilizes file share snapshots, you can restore just the files you need instantly
When we announced our partnership with Cray, it was very exciting news. I received my undergraduate degree in meteorology, so my mind immediately went to how this could be a benefit to weather forecasting.
Weather modeling is an interesting use case. It requires a large number of cores with a low-latency interconnect, and it is very time sensitive. After all, what good is a one hour weather forecast if it takes 90 minutes to run? And weather is a very local phenomenon. In order to resolve smaller scale features without shrinking the domain or lengthening runtime, modelers must add more cores. A global weather model with a 0.5 degree grid spacing can require as many as 50,000 cores.
At that large of a scale, and with the performance required to be operationally useful, a Cray supercomputer is an excellent fit. But the model by itself doesn’t mean much. The model data needs to be processed to generate products. This is where Azure services come in.
Website images are one obvious product of weather models. Image generation programs require small scale and can be done in parallel, so they’re great for using the elasticity of Azure virtual machines. The same can
We are happy to announce that Azure Site Recovery (ASR) now provides you the ability to setup Disaster Recovery (DR) for IaaS VMs using managed disks. With this feature, ASR fulfills an important requirement to become an all-encompassing DR solution for all of your production applications hosted on laaS VMs in Azure, including applications hosted on VMs with managed disks.
Managed disks provide several advantages including simplification of storage management and guaranteeing industry-leading durability and availability for disk storage.
When you protect virtual machines on managed disks, Azure Site Recovery creates a replica managed disk in the target region corresponding to each managed disk of your production VM in the primary region. This replica disk acts as the data store for the source disk in the primary region, thus eliminating the need to create and manage multiple storage accounts in the target region to store data for your protected machines.
Let us look at an example of protecting a virtual machine with five managed disks. As shown below in Fig 1 and Fig 2,
You can enable protection for the Virtual machine via the virtual machine experience or through the recovery services vault experience.If you plan to use the virtual
We are excited to announce the general availability (GA) of application consistent backup for Linux VMs running in Azure using Azure Backup. We did a preview of this feature last year and customers are already using this framework for various applications like Oracle, MySQL, Mongo DB, SAP HANA, and PostGreSQL.
What is application consistent backup?
Application consistent backup ensures that the backed-up data is transactionally consistent, and that applications will boot up post VM restore. To ensure transactional consistency, applications need to be quiesced and there should be no unfinished transactions when taking a VM snapshot.
Windows has the Volume Snapshot Service (VSS) framework to ensure application consistent VM backup, but there is no such generic framework for Linux. With greater adoption of Azure Linux VMs, there is an increasing demand to backup critical enterprise applications running inside Azure VMs. We introduced a VSS-like generic framework for ensuring application consistent VM backup for Linux applications running on any Linux distribution. This framework gives you the flexibility to execute custom pre and post scripts as part of the VM backup process. These scripts can be used to quiesce application IOs while taking a VM snapshot that guarantees application consistency.
Microsoft becomes the first hyperscale cloud provider to offer SAP HANA supportable VMs in the UK.
Azure Virtual Machines (VMs) customers can now take advantage of the Azure M/V3/B-series of VM sizes available in the UK South region. We’re also excited to announce that Azure is the first hyperscale cloud provider to offer VMs optimized for large in-memory workloads such as SAP HANA in the UK.
New Azure M series – The Azure M-series is perfectly suited for your large in-memory workloads like SAP HANA and SQL Hekaton. With the M-series, these databases can load large datasets into memory and utilize fast memory access with massive virtual CPU (vCPU) parallel processing to speed up queries and enable real-time analytics.
Learn more about M-Series.
Size vCPU’s Memory (GiB) Local SSD (GiB) Max data disks M64s 64 1024 2048 32 M64ms 64 1792 2048 32 M128s 128 2048 4096 64 M128ms 128 3800 4096 64
New Azure B series – B-series VMs provide the lowest cost option for customers with flexible vCPU requirements. These are useful for workloads like web servers, small databases, and development or test environments where CPU utilization is low most of the time, but spikes for
Azure Network Watcher Connection Troubleshoot, previously in preview as Connectivity Check, is making general availability sporting a new name. Connection Troubleshoot, part of our Network Watcher suite of networking tools and capabilities, enable you to troubleshoot network performance and connectivity issues in Azure.
Continuing the expansion of tools within Azure Network Watcher, this new addition provides visualization of the hop by hop path from source to destination, identifying issues that can potentially impact your network performance and connectivity.
Network Watcher Connection Troubleshoot features
With the addition of Connection Troubleshoot, Network Watcher will see an incremental increase in its capabilities and ways for you to utilize it in your day to day operations. You can now:
Check connectivity between source (VM) and destination (VM, URI, FQDN, IP Address) Identify configuration issues that are impacting reachability Provide all possible hop by hop paths from the source to destination Hop by hop latency Latency – min, max, and average between source and destination A topology (graphical) view from your source to destination Number of packets dropped during the connection troubleshoot check
Connectivity troubleshoot check graph view output Source: Azure VM and Destination: www.bing.com.
What kind of issues can Connection Troubleshoot detect?