Azure Newsletter: October 2016

Stay informed about the latest Azure features, events and community activities. Browse through past newsletters or subscribe and get the latest Azure news delivered to your inbox.

Looking for a different month’s newsletter?
Look through our archive:

Be informed

Featured customer-submitted story: VoodooShield

VoodooShield is a patented toggling desktop shield gadget and computer lock that automatically locks the computer when it’s at risk and unlocks it when it isn’t. VoodooShield uses Azure Machine Learning to find new and unknown (zero-day) malware that can’t be detected by traditional antivirus methods. The VoodooAi engine consists of three Machine Learning models and algorithms that analyse approximately 40 features to determine a file’s maliciousness. These models are 98.6 to 99.4 per cent accurate, with 98.8 to 99.4 per cent precision and a recall rate of 99.5 to 99.8 per cent.

VoodooShield home page

Free eBook – Microsoft Azure Essentials: Fundamentals of Azure, Second Edition

This free Microsoft Press eBook covers the Azure fundamentals that you need to start developing solutions straight away. Discover the Azure features that you’re most likely to need. Download the eBook.

Free eBook download page

Adobe and Microsoft work together in the Azure cloud to help businesses transform customer engagement

At Microsoft Ignite, Adobe and Microsoft announced plans for a strategic partnership to help enterprise companies embrace digital transformation and deliver compelling, personalised experiences through every phase of their customer relationships. With this partnership, Adobe will make Azure its preferred cloud platform for the Adobe Marketing Cloud, Adobe Creative Cloud and Adobe Document Cloud. Azure provides Adobe with a trusted and global cloud and a powerful data platform for intelligent services, including comprehensive machine learning and cognitive capabilities in Microsoft Cortana Intelligence Suite and SQL Server. Watch this CNNMoney interview with Microsoft CEO Satya Nadella and Adobe CEO Shantanu Narayen.

Azure Security Center enhancements

Azure Security Center helps customers take control of cloud security policies, monitor the current security of Azure resources, and detect and respond to active attacks. Updates for Azure Security Center include: integrated vulnerability assessment, expanded web application firewall (WAF) capabilities, Azure Storage security assessment (coming soon), new detections, security incidents and threat intelligence reports.

Azure Active Directory with PingAccess: Bring secure access to even more on-premises web apps

Azure Active Directory (Azure AD) provides secure single sign-on to thousands of SaaS apps. Through Application Proxy, Azure AD can provide secure remote access to on-premises web applications that follow specific standards. Microsoft and Ping Identity will offer a version of PingAccess for Azure AD that will extend the ability of Application Proxy to provide secure remote access to more on-premises web applications. A preview of the service will be available in early 2017. Watch a video that describes the partnership.

Azure Key Vault Certificates simplify and automate tasks for SSL/TLS certificates

Azure Key Vault is introducing Key Vault Certificates to simplify tasks related to SSL/TLS certificates from supported third-party CAs. This enhancement helps customers enrol for and automatically renew certificates, while providing auditing trails within the same environment.

Four integrated services for Microsoft Operations Management Suite now available

Microsoft Operations Management Suite now offers four new integrated services for a complete Azure-based management solution: Insights & Analytics, Automation & Control, Security & Compliance and Protection & Recovery.

Microsoft Operations Management Suite releases Update Management

With Update Management, Microsoft Operations Management Suite helps customers keep IT systems updated without any unplanned application downtime. Customers can get time estimates and optimised sequences of updates for their Windows Server and Linux systems to improve application availability and their service-level agreement (SLA). They can integrate System Center Configuration Manager, Windows Server Update Services and third-party systems for orchestrated update runs from the cloud.

Azure DNS generally available

Available for use in all Azure public regions, Azure DNS lets customers host their Domain Name System (DNS) domains in Azure and manage DNS records using the same credentials, APIs, tools, billing and support as their other Azure services. Azure DNS also incorporates enterprise-grade security features in Azure Resource Manager for two-factor authentication, role-based access control and detailed audit logs. Azure DNS uses a global network of name servers for extremely high performance and availability, now backed by a 99.99 per cent availability service-level agreement (SLA).

Virtual network peering for Azure Virtual Network generally available

Virtual network peering for Azure Virtual Network lets customers directly link virtual machines in two virtual networks in the same region through private IP addresses as if they were part of the same network. Virtual network peering routes packets through the internal Azure backbone network, without any gateway in the path. This allows for a low-latency, high-bandwidth connection between virtual machines in different virtual networks.

Azure Application Gateway web application firewall in public preview

The web application firewall (WAF) in Azure Application Gateway protects web applications from common web-based attacks such as SQL injection, cross-site scripting attacks and session hijacks. It comes preconfigured with protection against threats identified by the Open Web Application Security Project (OWASP) as the top ten common vulnerabilities. Simple to deploy, the firewall provides logging to continuously monitor web applications for exploits. Customers can run WAF in both protection and detection-only modes. This public preview feature is being offered as part of the WAF tier.

HTTP/2 support for Azure Content Delivery Network from Akamai standard

HTTP/2 improves user experience by increasing web page loading speed and performance. This feature is now enabled by default at no additional cost for all customers using Azure Content Delivery Network from Akamai. The HTTP/2 edge server implementation is fully compliant with the HTTP/2 standard RFC 7540. (All HTTP/2 features are supported, with the exception of server push.) Main HTTP/2 features include multiplexing, header compression and stream prioritisation.

Ultra Performance Gateway tier for Azure ExpressRoute in public preview

The Ultra Performance tier connects a virtual network to an Azure ExpressRoute circuit. This tier provides five times more network throughput than the High Performance gateway. Customers can now deploy more network-intensive workloads into their virtual networks.

Accelerated Networking for Azure Virtual Machines in public preview

Customers now expect the performance of their virtual machines to match that of the physical box they can buy themselves. Accelerated Networking for Windows virtual machines on Azure offers networking speeds of up to 25 Gbps. Customers can achieve near-native performance on Windows virtual machines in the cloud, likely surpassing typical on-premises performance in terms of the speed and consistency that their applications require. Accelerated Networking is available in public preview for selected virtual machine types and regions at no extra cost.

H-Series instances for Azure Virtual Machines now available in South Central US region

At launch, the H-Series for Azure Virtual Machines will be amongst the fastest virtual machines available in the public cloud in terms of performance per core (ACU benchmark). Depending on the application and scenario offering, it gets as much as a 30 to 50 per cent performance increase compared to other virtual machines. For more H-Series benchmarks, visit the “Sizes for virtual machines in Azure” web pages for Windows and Linux. For CoreMark and SPECint results, visit the Compute benchmark scores for Windows VMs and Compute benchmark scores for Linux VMs web pages.

Maximise the reach of virtual machine-based services with new IPv6 for Azure Virtual Machines

It’s time to look beyond the IPv4 protocol. Many new mobile networks and new technologies, such as the Internet of Things (IoT), depend on the nearly unlimited address capacity offered by IPv6. Azure-hosted services now offer Azure IPv6-load-balanced, dual-stack (IPv4+IPv6) Internet connectivity for Azure Virtual Machines. Native IPv6 connectivity (TCP, UDP, HTTP(S)) all the way to the virtual machine enables a broad range of service architectures. IPv6 for Virtual Machines is now available in most Azure regions. Read more on the Azure Blog.

Azure Disk Encryption generally available for Windows and Linux for Standard and Premium IaaS virtual machines

Azure Disk Encryption for Linux IaaS virtual machines and support for virtual machines with Premium storage is generally available in all Azure public regions. With this announcement, Azure Disk Encryption for Windows and Linux Standard IaaS virtual machines is now generally available to enable, so customers can protect and safeguard the operating system disk and data disks at rest using industry-standard encryption technology. It’s integrated with Azure Key Vault to help customers manage their disk encryption keys and secrets in their Key Vault subscription.

Azure Service Fabric for Windows Server generally available

Azure Service Fabric for Windows Server is a standalone runtime that lets customers create their own Service Fabric cluster on any set of Windows Server 2012 R2 or 2016 hosts, whether on premises or in any cloud. This free download is now generally available with optional support provided through the purchase of an Azure support plan.

Azure Service Fabric Linux support in public preview

Azure Service Fabric now adds Linux as a choice of host operating system for Service Fabric cluster hosts. Linux hosts enable both Java and .NET applications running on Service Fabric. This capability is available in public preview alongside the already generally available choice of Windows Server. Read more on the Azure Blog.

Azure SQL Database Temporal Tables generally available

Temporal Tables let customers track the full history of data changes in Azure SQL Database without custom coding. Customers can focus data analysis on a specific point in time and use a declarative clean-up policy to control retention of historical data. Designed to improve productivity when customers develop applications, Temporal Tables can help support data auditing in applications, analyse trends or detect anomalies over time, implement slowly changing dimension patterns and perform fine-grained row repairs in cases of accidental data errors made by humans or applications.

Improved automatic tuning boosts Azure SQL Database performance

A major update to Azure SQL Database Advisor greatly reduces the time required to produce and implement index-tuning recommendations. Customers can now run their production workload in SQL Database for a day, and Advisor will offer relevant tuning recommendations to improve performance (and apply them when customers have enabled automated tuning).

Storage Service Encryption for Azure Storage generally available

Azure Storage announces the general availability of Storage Service Encryption for Azure Blob storage (Block and Page Blobs) with any new Storage account created through Azure Resource Manager. Accounts enabled with this feature will have data encrypted with Microsoft-managed keys using the industry-leading 256-bit Advanced Encryption Standard (AES-256) algorithm. Microsoft performs key management and rotation, and offers compliance with key standards.

Azure Premium Storage generally available in an additional region

Azure Premium Storage is a solid-state drive (SSD)-based storage solution designed to support I/O-intensive workloads. With Premium Storage, you can add up to 64 TB of persistent storage per virtual machine, with more than 80,000 I/O operations per second (IOPS) per virtual machine and extremely low latencies for read operations. Offering a service-level agreement (SLA) with 99.9 per cent availability, Premium Storage is now available in the North Central US region, as well as other previously announced regions.

Improving Azure App Service Node.js and PHP developer experience with Linux support

In March 2015, Azure App Service became generally available, with the goal of making it easier for web developers to do cool things in the cloud. In addition to a great experience for .NET developers, it also supports PHP, Node.js, Java and Python stacks, as well as a number of open-source web products. A new public preview introduces native Linux support for Node.js and PHP stacks.

Azure Logic Apps generally available in Visual Studio

Customers will now be able to deploy Azure Logic Apps from Visual Studio in their production environment. This feature lets them leverage both designer and code views directly from Visual Studio. Customers can also manage source control and don’t have to use production tools to build out Logic Apps. Logic Apps enterprise integration tools for Visual Studio 2015 also provide a schema editor, flat file schema generator, and an XSLT mapper to easily create Integration Account artefacts from Visual Studio.

Azure Event Hubs Archive in public preview

Customers can now automatically deliver streaming data in their event hubs into an Azure Blob storage account, with the ability to specify a time or size interval. Archive is quick to set up. It doesn’t add any administrative costs and scales automatically with Azure Event Hubs throughput units. Event Hubs Archive lets customers focus on data processing rather than data capture. They can load data into Azure Data Lake, Azure Data Factory and Azure HDInsight to perform batch processing and other analytics.

New Customer Stories website is now live

Hosted on Azure, the Customer Stories website brings together all of the rich customer stories from across Microsoft, and around the world, in one visually engaging website. Features include a redesigned look and feel, improved tagging with state-of-the-art search capabilities, and high performance for the site, allowing speedy searching and quick access to stories. These stories regularly appear in the Be Inspired section in our newsletter, so take a look at this month’s feature.

Be empowered

Azure Redis Cache administration options

Azure Friday’s Seth Juarez learns about new Azure Redis Cache administration options that allow you to test your application for connection resiliency in case of a failure and schedule updates to Azure Redis Cache. Watch now.

Azure Redis Cache video page

Join us at one of 17 Microsoft Tech Summit events around the world

Whether you’re already cloud-savvy or are just getting started, you’ll learn new techniques and best practices directly from top Microsoft engineers who build and run cloud services across Azure, Office 365 and Windows 10. Choose from over 70 technical sessions across Azure and the hybrid platform, including security, networking, data, storage, identity, mobile, cloud infrastructure, management, DevOps, app platform and more. Reserve your seat today for one of the first ten cities.

Gears of War game studio gets epic overhaul with help from Microsoft IT

A small squad of Microsoft IT professionals has done for Gears of War 4 what Delta Squad did for humanity. No, they didn’t fight off swarms of subterranean reptilian hominids, but in their quiet and geeky way, they totally saved the day. Read more on IT Showcase.

Gears of War IT showcase page

Architecting Microsoft Azure Solutions

Watch this on-demand edX course and apply what you already know about implementing solutions on Azure to learn solution design skills. A team of expert instructors will teach you to identify trade-offs and make decisions for designing public and hybrid cloud solutions. This course also helps prepare you for Microsoft Certification Exam 70-534: Architecting Microsoft Azure Solutions.

Cloud Cover: Service Fabric

In part 1, learn about different service types, programming models, tools and services provided by Azure Service Fabric to help developers build cloud-scale applications. Get answers to questions about capacity plans, Cloud Service migration, state management and overall application life cycle management. In parts 2 and 3, we’ll go in-depth into two interesting topics: container integration and Linux support.

Cloud Cover Service Fabric video page

You may also be interested in the episode on Azure App Service best practices for large-scale applications.

Prepare for Exam 70-398: Planning for and Managing Devices in the Enterprise

Preparing for Certification Exam 70-398? Watch this course for accelerated exam prep presented by Microsoft senior mobility consultants who work with Enterprise Mobility + Security technology every day. Go through the exam modules, work on sample questions and learn to design for cloud/hybrid identity, device access and protection, remote access and more.

Be entertained

Cloudtweaks home page

*Comic source: Reprinted with permission.

Be inspired

Australian state port authority modernises IT infrastructure with Microsoft cloud services

The Port Authority of New South Wales is an Australian state-owned corporation responsible for commercial maritime operations across several ports on the country’s east coast. Following partial privatisation and subsequent port mergers, the Port Authority decided to migrate its disaster recovery and development environments to the Azure platform, taking advantage of Microsoft Operations Management Suite for backup and site recovery.

Learn more

Be enhanced


Azure Marketplace Check Point page

Advanced threat prevention security for Azure

Migrating to the Azure cloud shouldn’t be a security challenge. Check Point’s vSEC cloud security and unified management provides a comprehensive firewall and industry-leading threat prevention security in the Azure cloud. vSEC protects all of your Azure cloud assets from cyber threats, zero-day exploits and malware. Try it free of charge for 30 days.

Azure Marketplace

Featured: TIBCO empowers customers to extend their on-premises DataSynapse GridServer workloads to Azure

New mandates for large international banks, including Basel III, RWA, FRTB, Dodd-Frank and others, are quickly approaching. TIBCO DataSynapse GridServer customers can dynamically allocate resources in Azure based on the urgency of calculation tasks, allowing it to manage grid overload, service-level agreements (SLAs) and many other factors.

Visit Marketplace page

New: Manage your ESET security from the cloud

ESET Remote Administrator 6 Virtual Machine for Azure provides single console management of ESET security solutions in the cloud. ESET Remote Administrator is the single-pane-of-glass console designed to manage ESET’s broad portfolio of security solutions for desktops, servers and mobile devices. Equipped with an interactive dashboard, it provides optimised user experiences for organisations of all sizes.

Visit Marketplace page

New: Announcing breakthrough disaster recovery for Azure

Looking for enterprise-class business continuity and disaster recovery for Azure? Zerto, a pioneer in the field of IT resilience, provides award-winning software for continuous availability and disaster recovery. Zerto customers realise recovery point objectives of seconds and recovery time objectives of minutes, along with enterprise-class orchestration capabilities, stellar performance and rock-solid compliance reporting. Watch the webinar.

Visit Marketplace page

Editor’s note


One of my favourite things about Microsoft is the diversity of expertise and variety of new projects. (And with so many new releases and announcements, it’s hard not to make the newsletter so long every month!) Did you know that Microsoft employs people who have experience in biology and medical research? Take a look at this article about how people here are using technology, including Azure, to work out how to “solve” cancer.

By the way, I used to work at Adobe – it’s great to see our new partnership being announced at Ignite!