Here Are 10 Of The Latest Microsoft Azure Updates

“We’ve been driving business to cloud for quite a bit now, so it’s actually been great when Microsoft backs up their words with actions,” Kelly Yeh, president of Chantilly, Va.-based Microsoft partner Phalanx Technology Group, tells CRN in an interview. “It definitely gives us a lot more credibility to our clients that we’re selling these cloud solutions to.”

Tools to make migrations easier, expanded Availability Zone support for secure virtual hubs and a way to preview Windows 11 through Azure Virtual Desktop are among the biggest updates to the Microsoft cloud product launched during the quarter.

Microsoft is often considered the No. 2 cloud provider behind Amazon Web Services, although solution providers recently surveyed by CRN award Azure with the highest overall satisfaction rating compared to AWS and Google Cloud.

Kelly Yeh, president of Chantilly, Va.-based Microsoft partner Phalanx Technology Group, told CRN in an interview that he appreciates the new resources to account for different client scenarios and needs around moving to the cloud and adopting cloud-based tools.

[RELATED: The 10 Hottest Microsoft Azure Tools Of 2021 (So Far)]

“We’ve been driving business to cloud for quite a bit now, so it’s actually been great when Microsoft backs up their words with actions,” Yeh said. “It definitely gives us a lot more credibility to our clients that we’re selling these cloud solutions to.”

Here’s what you need to know.

Azure Migration And Modernization Made Easier

Microsoft has renamed its Azure Migration Program that provides customers guidance and best practices for migrating to the cloud to the Azure Migration and Modernization Program, or AMMP. AMMP received new support for Azure Spring Cloud and Azure Cosmos DB, Microsoft announced in July.

As for app modernization tools, the Azure Migrate: App Containerization tool that helps users containerize and deploy .NET and Java applications onto Azure Kubernetes Service (AKS) expanded support for container deployments to Azure App Service and enabled management of application certificates, parameterized configurations and other application secrets through Azure Key Vault, according to Microsoft.

The company also made Azure Arc-enabled Azure SQL generally available in July for customers to manage hybrid SQL Server environments during and after migration, according to Microsoft.

In September, Microsoft launched a public preview of an expanded Azure SQL Migration that works with Azure Data Studio to guide users through the database migration, whether the migration is from on-premises to Azure Virtual Machines or a migration and modernization to platform-as-a-service Azure SQL Managed Instance.

The extension also assesses SQL Server databases for Azure suitability and readiness, according to Microsoft.

Spring Boot Adoption Simplified

This month, Microsoft made Azure Spring Cloud Enterprise available in preview. The managed service for scaling Spring Boot applications is a collaboration with VMware to combine Microsoft’s cloud platform capabilities with VMware Tanzu. The companies made Azure Spring Cloud generally available last year, but now they have added managed services for enterprises, developer

The service adds Tanzu Build Service, Tanzu Application Configuration Service, Tanzu Service Registry to a managed Azure infrastructure, with features like Tanzu Spring Cloud Gateway and Spring Cloud Data Flow coming, according to Microsoft.

Customers can use existing Azure provisioning and application performance management tools, access Spring experts and Spring projects designed for enterprises.

The tech giant also announced an integration with Dynatrace Software Intelligence Platform to give users a tool across Azure Spring Cloud instances for discovering and mapping application components, databases, eventing systems and relationships, among other functions.

Improvements In Azure Firewall

Microsoft introduced several new capabilities to managed cloud-based network security service Azure Firewall, including auto-generated self-signed certificates for Azure Firewall Premium SKU. This mechanism automatically creates a managed identity, a key vault and the certificate, ties them together and sets up transport layer security (TLS) inspection.

The tech giant also expanded support for multiple Availability Zones support for Secure Hub to give secured virtual hubs 99.99 percent uptime.

Firewall’s Forced Tunnel mode now lets users operate the security service without a public IP address, instead using a management network interface controller and forcing internet traffic to another Firewall or completely blocking it.

In July, Microsoft madeAzure Firewall Premium generally available for highly regulated environments. The tool comes with TLS inspection, URL filtering, a signature-based intrusion detection and prevention system, control over user access to social networks, search engines and different web categories.

Expanded Azure Disk Storage Features

Earlier this month, Microsoft made zone-redundant storage (ZRS) generally available for its Azure Disk Storage resiliency feature for its West U.S. 2, West Europe, North Europe and France Central regions. ZRS provides synchronous replication of block storage across three zones in a region, allowing for zone failures due to natural disasters or hardware issues, according to the tech giant. ZRS can provider higher availability for SAP and SQL Server workload clustering, container applications, legacy applications and other scenarios.

ZRS is supported for Azure Premium SSDs and Azure Standard SSDs, according to Microsoft. Virtual machines can share ZRS disks, which can be attached to primary and secondary VMs in different zones. ZRS can save independent software vendors (ISVs) on locally redundant storage because they no longer need to host VMs in two zones and replicate data between them.

In August, Microsoft made Container Storage Interface storage driver support on Azure Kubernetes Service, allowing users native leverage of Azure Disk Storage for mission- and business-critical workloads.

Capacity Changes For Azure Virtual Machines

Microsoft launched a preview of on-demand capacity reservations for Azure Virtual Machines (VMs) so users can deploy and manage the compute capacity needed for Azure VMs separately from the VMs.

Users can protect capacity when taking VMs offline for updates, set aside capacity for seamless recovery when a natural disaster strikes and to reserve capacity before an event to handle extra demand, according to Microsoft.

A defined service level agreement will come when the feature is generally available, according to Microsoft. The preview supports general-purpose VM families, with additional supported VM series and scenarios expected later this year.

In addition to on-demand capacity reservations for Azure VMs, Microsoft and IBM this month made IBM WebSphere generally available on Azure VMs for a variety of production-ready deployment architectures and launched a public preview for elastic VM profile and automatic scaling for Azure VM Scale Sets.

Windows 11 Preview On Azure Virtual Desktop

Microsoft released several important updates for Azure Virtual Desktop (AVD) this quarter. In September, Microsoft made screen capture protection generally available on AVD for automatically locking or hiding remote content in screenshots and screen shares.

In August, Microsoft launched a public preview of its upcoming Windows 11 operating system on AVD. “The user experience with Azure Virtual Desktop is intended to be identical to the local PC experience,” according to Microsoft. “Some higher-end graphics effects, such as transparencies, animations, and rounded corners, may require using Azure Virtual Desktop with an Azure VM with the right GPU support.”

And in July, Microsoft made Start VM on connect capability in AVD generally available to help cut down on deployment costs by turning on shutdown and deallocated virtual machines in an AVD host pool when a user tries to connect to them.

Azure Virtual Networks Limitation Removed

Microsoft made its Azure Route Server managed service generally available this month with the goal of simplifying dynamic routing between network virtual appliances and virtual networks. Users can establish Border Gateway Protocol peering between an appliance and Azure Route Server to advertise IP addresses from the appliance to the virtual network.

In August, Microsoft launched a preview that removes a limitation to Azure virtual networks. The limitation only allowed address space changes if the network doesn’t have peerings, so users with the preview can allow virtual network resizing without downtime. With the preview, users no longer have to delete existing peerings before adding or deleting address prefixes on virtual networks.

Users can add or remove address space on virtual networks peered with another in the same region, across regions and across subscriptions. However, virtual networks with peerings across Active Directory tenants are not supported yet.

Azure Database On PostgreSQL Upgraded

Along with the new extension for Azure SQL migrations, Microsoft released a batch of updates for Azure’s database offerings in August.

Microsoft made managed PgBouncer, a Postgres connection pooling tool, generally available for Azure Database on PostgreSQL - Hyperscale (Citrus). “PgBouncer with Azure Database for PostgreSQL – Hyperscale (Citus) allows you to use the same benefits as the rest of the managed service, including regular updates and high availability—if it is enabled for the Hyperscale (Citus) server group,” according to the tech giant.

The company also made generally available columnar compression with Citrus 10 on Azure Database for PostgreSQL, allowing for data groups by column instead of just row; asynchronous replication of data from one server group to others in the same region as read-only and a server group restart feature.

Security Boost For Windows Server IoT 2022

Earlier this month, Microsoft’s Windows Server IoT 2022, part of the Azure Edge Devices and Windows IoT stack, became generally available for users to securely run workloads, allow new hybrid cloud scenarios and modernize applications.

This edition of Windows Server IoT comes with multi-layer security with secured-core server and secured connectivity. Users can connect on-premises Windows Server IoT 2022 to the cloud through Azure Arc and use File Server enhancements, including SMB Compression.

Windows Server IoT 2022 improves Windows containers’ application compatibility, introduces HostProcess containers for node configuration and allows consistent network policy implementation with Calico, among other features, according to Microsoft.

Windows Server IoT 2022 is available in six different editions for license through the original equipment manufacturer channel under special dedicated use rights.

Multi-Cloud Help For Azure Kubernetes Service

Azure Kubernetes Service (AKS) users gained a public preview earlier this month of custom policy support for AKS clusters, according to Microsoft.

Users can create and assign custom policy definitions and constraint templates to their clusters with this feature. A new Azure property in this update allows users to define source type for the constraint template. The Azure Policy Visual Studio Code Extension allows for custom definitions and auto-generation of policy definition JSON files.

In August, AKS private clusters gained the ability to support Public DNS as a name resolution option. This generally available feature helps with peering scenarios and multi-cloud and hybrid implementations, according to Microsoft. The feature creates a public DNS record tied to the private IP of the Kubernetes application programmable interface (API) server. That server remains non-publicly routable.