Anyone that follows Azure closely knows that changes happen in Microsoft’s infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) cloud on a weekly basis. Typically these improvements are given a soft announcement via a blog. But every few months, Microsoft has an opportunity, either at a large in-person event or an online event, to make a large set of significant announcements. Microsoft ran an online event called AzureCon at the end of September and used this as a venue to launch a number of new Azure services. I’ll summarize the changes that are relevant to IT pros in this article.
Microsoft Azure Momentum
Azure continues to grow. Some of the huge numbers that Microsoft have announced include:
- There are 777 trillion storage transactions in Azure every day.
- Over 500 million user accounts are stored in Azure Active Directory
- Over 40% of revenue is created by ISVs and start-up businesses
- 1 million CPU cores were added to Azure in the last 45 days, which was stated at a Microsoft Ireland event on October 8
Azure Security Center
This new service recognizes that those who are using the cloud know little about securing the cloud. The new Azure Security Center (ASC), which will be broadly available by the end of 2016, will provide a central console to manage the security of your deployment in Azure. You can do the usual things that you would expect in a security solution, such as policy deployment, detection, alerting and reporting, but ASC provides intelligence, too.
ASC will gather data from your Azure subscription, from the reset of Azure, and from partner virtual appliances from the likes of Barracuda, Checkpoint, Cisco, CloudFlare, F5 Networks, Imperva, Incapsula, and Trend Micro. This allows you to understand what is going on in your Azure deployment. The aggregation of data from around Microsoft and partners allows ASC to understand threats that you have not had to deal with; this means that if a new attack that has been seen elsewhere before it hits your deployment, then ASC will identify it, and you can defend your business.
Some things you can expect are identification of challenging threats:
- Data leakage: via a successful penetration.
- DDOS: Identify the start of a distributed denial of service attack.
- SQL injection: Trap attacks that target poor programing at the application layer.
- Attack source: ASC might even be able to ID the source of an attack, such as a DDOS control point.
N-Series Virtual Machines
Every now and then I am asked if Azure has virtual machines that offer graphic processing units. It’s not that they want to play games via RDP in the cloud, as GPUs are math co-processors and are tuned to crunch numbers. This makes them superb for large-scale compute operations, such as HPC, rendering, and more.
Microsoft is introducing a new series of virtual machines called the N-Series that will run on hosts with GPUs, which is in preview in the coming months. Microsoft will be using NVIDIA Tesla Accelerated Computing Platform and NVIDIA GRID 2.0 technology and is proclaiming this to be the best of its type in the cloud today.
DV2-Series Virtual Machines
The D-Series virtual machines were launched with Intel Xeon processors and a temporary paging drive that is kept on a host-local SSD volume. The advantage of D-Series over A-Series is a much 60 percent faster processor and the ability to page and cache on a high speed (IOPS and throughput) and low latency disk.
Microsoft reduced the price of D-Series virtual machines by around 20 percent on October 1, while also introducing a new generation of D-Series hosts that are available today. DV2-Series virtual machines runs on newer hardware and features a customized Intel Xeon E5 2.4 GHz processor that can turbo boost up to 3.2 GHz, making the DV2 virtual machine 35 percent faster than a D-Series virtual machine.
Three new Azure regions were opened in India:
- Central India: Pune
- South India: Chennai
- West India: Mumbai
Note that access to these regions is limited to volume licensing customers or partners with a local enrolment in India at this time.
Azure Container Service
Those doing DevOps in Azure with containers will be delighted to learn about Azure Container Service, which will launch in preview before the end of 2016. This will give you a single point of deployment and automation for containers, initially on Linux virtual machines and eventually on Windows Server 2016 virtual machines. Azure Container Service will unify services from Docker, Mesosphere, Marathon and Chronos.
This strikes me as being very similar to what Microsoft has done with Hadoop — using and contributing back to open source to bring an integrated but standardized service into Azure. How Microsoft has changed!
Lots of Additional Microsoft Azure Announcements
A number of other announcements were summarized:
- ExpressRoute (a private and SLA-controlled WAN connection) for Office 365 went GA.
- Customers can choose between speed-based and transfer-based billing for ExpressRoute.
- The A8-A11 virtual machines were reduced in price by as much as 60 percent.
- Azure File Storage went GA, offering SMB 3.0 sharing for application data.
- Azure Backup’s Project Venus kicked off.
- Azure Resource Health will go live soon, offering a view of the health of the underlying fabric that your services are running on.