Azure Network Announcements at Ignite 2017

My blog has been very quiet recently having taken a few weeks off to spend time with the family, before joining Insight UK as a Cloud Architect in the Hybrid Cloud Team. The new role is exciting and with all of the innovations in the cloud space across all vendors, it’s a great time to join Insight to help them with their quest to advise and help clients and the community in leveraging this.  However, enough of the excuses about why things have been quiet… Smile 

Image result for no excuses

Ignite 2017 is like Christmas for anyone with interest in the Microsoft ecosystem and there have been a ton of announcements from a technical, strategy and business perspective to keep us all busy for some time to come. I’ve been collating my thoughts and plan on pulling together an all up view of the event once it wraps up.

One of the key things to peak my interest (being heavily focused on Azure) is the announcements today in the networking space. The following Microsoft Azure Blog post by Yousef Khalidi, CVP of Azure Networking provides a great overview:

https://azure.microsoft.com/en-gb/blog/azure-networking-announcements-for-ignite-2017/

At first glance on the above blog I expected a small number of changes/innovations however there is 22 (with my very rough counting!) individual areas in the announcements. From general performance, better availability through to enhancements in monitoring and management. Some of the key areas that interested me include:

  • Virtual Network Service Endpoints – this is a very positive change. A number of customers questioned the need to publically address Azure services citing obvious security concerns and how this would be managed. There key question was always “how do I turn this off?” From an architecture perspective I guess the key challenge for MS was on-going management, how it would be accessed, etc. This new innovation removes the requirements for the public endpoint instead allowing you (if you want to!) restrict access to the service from your own VNet, not the internet. Awesome! As per the original MS blog, more info can be found here: https://docs.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview
  • ExpressRoute peering changes – this interested me as one of the key topics I usually discuss with clients is the 3 different peering options avaialble over ExpressRoute; private, public and Microsoft. As the blog notes, private includes traffic to your own VNets, public is traffic to Azure VIPs and Microsoft is traffic to SaaS services, e.g. 365. Customers have had several challenges with the MS peering namely around routing configurations within their own network and with the ExpressRoute provider. More recently, it was my understanding that Microsoft Peering was actually not recommended unless specific compliance regulations demanded this. With the above announcements it will be interesting to dig into this in more detail to understand it better. One for the ExpressRoute black belt calls.. Smile
  • General monitoring improvements – it’s great to see that OMS is mentioned everywhere and is becoming a key focal point across lots of components in the MS space. There are some great improvements that will help customers in this announcement, e.g. availability of your connections, monitoring endpoints (e.g. PaaS or SaaS availability) and some cool innovations around real user measurements and traffic flow within Traffic Manager.

Each of the above topics deserves individual consideration, as evidently a lot of effort has gone in behind the scenes by the Azure team, and it’s great to see them listen to customers and act on recommendations made. Big thumbs up and look forward to trying some of these out!