Azure Active Directory now provides conditional access policies that let you create access rules for Azure Active Directory-connected apps based on user location and group membership. More sensitive apps can be assigned stricter policies, such as requiring Azure Multi-Factor Authentication outside of the corporate network, while less sensitive apps can have more open policies.
Azure Active Directory Domain Services provide scalable, high-performance, managed domain services such as domain-join, LDAP, Kerberos, Windows Integrated Authentication and Group Policy support. With the click of a button, administrators can enable managed domain services for virtual machines and directory-aware applications deployed in Azure Infrastructure Services. Built on the same underlying technology as Windows Server Active Directory, Azure Active Directory Domain Services provide an easy way to migrate traditional on-premises applications to the cloud.
With this preview, administrators set rules on any group in Azure Active Directory based on user attributes like “department” or “country” to dynamically define group membership. These groups can be used to provide access to applications or cloud resources or assign licenses to users.
Azure Active Directory lets you assign shared application accounts to groups. This is particularly useful for managing access to company-owned social media accounts like Twitter, Facebook or LinkedIn. The real password for these accounts is known only to the administrator, while other members of the group use their work credentials to access them. This enhances security by letting you configure passwords to automatically roll over, which makes shared accounts more secure by automatically creating new, strong, complex passwords at an interval that you define, minimizing the risk that company-owned social media accounts will be exploited.
Privileged Identity Management, a new feature of Azure Active Directory Premium, lets you discover, restrict and monitor privileged identities and their access to resources and also enforce on-demand, just-in-time administrative access when needed. Access this new capability, currently available in public preview, through the Microsoft Azure portal.
This preview lets users of Azure Active Directory choose from a list of applications made available by their organization and request access to them through a self-service process. This process can either provide access to the chosen application immediately or via an approval workflow.
Visual Studio Application Insights is an all-in-one telemetry solution that helps you detect issues, solve problems and continuously improve your web applications. It's designed to be an integral part of your development process and provides real time, 360° views of app availability, performance, and usage. Take advantage of its powerful data exploration tools for swift proactive and reactive issue-handling. Learn how your users are using your application, and make informed decisions to focus your investment where it matters most.
Use Azure Billing Alert Service to quickly and easily create customized billing alerts that help you monitor and manage billing activity for your Azure accounts.
A portfolio of APIs and SDKs that enable developers to easily add intelligent services, such as vision, speech, language, knowledge and search capabilities, to their solutions.
The Data Lake analytics service is a new distributed analytics service built on Apache YARN that dynamically scales so you can focus on your business goals, not on distributed infrastructure. Instead of deploying, configuring and tuning hardware, you write queries to transform your data and extract valuable insights. The analytics service can handle jobs of any scale instantly by simply setting the dial for how much power you need. You only pay for your job when it is running making it cost-effective. The analytics service supports Azure Active Directory letting you simply manage access and roles, integrated with your on-premises identity system. It also includes U-SQL, a language that unifies the benefits of SQL with the expressive power of user code. U-SQL’s scalable distributed runtime enables you to efficiently analyze data in the store and across SQL Servers in Azure, Azure SQL Database and Azure SQL Data Warehouse.
Azure DNS lets you host your DNS domains alongside your Azure apps. By hosting your domains in Azure, you can manage DNS records using your existing Azure subscription. The Microsoft global network of name servers has the reach, scale, and redundancy needed to ensure ultra-fast DNS responses and ultra-high availability for your domains. With Azure DNS, you can be sure that your DNS will always be fast and available.
Dynamic Data Masking for Azure SQL Database helps further protect sensitive data from unauthorized access. Dynamic Data Masking is a policy-based security feature that helps limit the exposure of data in a database by returning masked data to non-privileged users who run queries over designated database fields, such as credit card numbers. The actual data in the database is not changed and the data masking is done on-the-fly as queries are processed.
Dynamic Data Masking is available in SQL Database V12. Learn more about upgrading.
Azure Functions is an event-based, compute-on-demand experience that tells Azure to run code when triggered by events occurring in other Azure services, SaaS products, and on-premises systems. Use an intuitive, browser-based interface to create scheduled or triggered pieces of code in a variety of programming languages. Your applications then scales based on demand, so that you pay only for the resources you use.
Azure Media Analytics, a collection of speech and vision components that make it easier for organizations and enterprises to derive actionable insights from their video files through advanced machine learning technology. Azure Media Analytics services are hosted on the Azure Media Services platform, Azure’s cloud media solution for encoding, encrypting, and streaming audio or video at scale, live or on demand (VOD). Media Analytics services are offered at enterprise scale, delivering the compliance, security and global reach large organizations need.
Azure Resource health is a new service that exposes the health of the individual Azure resources and provides actionable guidance to troubleshoot problems. The goal for Resource health is to reduce the time customers spend on troubleshooting, in particular reducing the time spent determining if the root of the problem lays inside the application or if it is caused by an event inside the Azure platform.
R Server for HDInsight is a scale-out implementation of R integrated with Hadoop and Spark clusters created from HDInsight. It’s a 100 percent open-source R implementation that runs in the cloud.
This preview introduces the next generation of the Azure SQL Database service. It brings near-complete SQL Server engine compatibility and more premium performance to the SQL Database service. Key improvements include support for larger databases with online indexing and parallel queries, improved Transact-SQL (T-SQL) support with a common language runtime and XML index, and support for in-memory columnstore indexing. Enroll for the preview using the Microsoft Azure portal.
Storage Service Encryption for Azure Blob storage helps you address organizational security and compliance requirements by automatically encrypting your Blob storage - including block blobs, page blobs and append blobs. Azure Storage handles all the encryption, decryption and key management in a totally transparent fashion. All data is encrypted using 256-bit AES encryption, one of the strongest block ciphers available. You can enable this feature on newly created ARM storage accounts and there is no additional charge for enabling this feature.
The StorSimple Virtual Array gives you the same benefits of StorSimple hardware appliances—primary storage, snapshots, and offsite data protection through hybrid integration with Azure—in a virtual machine form. Offering incredible deployment flexibility, StorSimple Virtual Array supports both VMware and Hyper-V as host platforms and presents native iSCSI and SMB protocols.