Microsoft Azure Offerings and New Services

1. Microsoft Azure Offerings and New Services
Mohamed Tawfik
Cloud Technical Consultant - Azure CoE EMEA

2. Agenda
Networking
Compute
NetEnrich
Developer Services
Storage
Web & Mobile
Databases
Intelligence & Analytics
Monitoring & Management
Security + Identity

3. Cloud Computing Value Proposition
• Pay for what you use
• Quick setup
• Safety
• Scalability
• Redundancy
• High availability
• Reliability
• Focus on concept

4. Microsoft Azure: Market Share
Canalys’ Senior Analyst De Leon said Microsoft’s
incredible growth was due to its ability to convert its
enormous enterprise client base into Azure
customers. Many leading enterprise vendors are
already building on Azure Stack, Microsoft’s
upcoming, on-premises private cloud solution, to
offer hybrid solutions to their customers.
https://www.canalys.com/newsroom/cloud-service-
providers%E2%80%99-battle-drives-worldwide-
cloud-infrastructure-market-42-q1-2017-0

5. Cloud Computing Value Proposition

6. Compute

7. Low Priority Virtual Machines (In development)
 Borrow and take advantage of unused capacity of
Azure compute at a much lower price, 60% to 80%
discount
 However, they can reclaim these VMs at any given
moment due to higher priority allocations
 Ideal for interrupt tolerant workloads (Web services,
testing, containers platforms, batch jobs, etc.)
 Interrupted tasks automatically return to On-
Demand when necessary and will opportunistically
revert back to Low-priority VM when appropriate

8. Networking

9. Multiple IP addresses on Network Interface Cards (NIC)
 More than one (and up to 250) private and public IP addresses are able to be allocated to each NIC
 All the private IP addresses will support platform-native features like Network Security Groups (NSGs) and User
Defined Routes (UDRs)
 This feature allows hosting multiple websites or services with different IP addresses and SSL certificates on a
single server
 Through this feature, micro-services on VMs will be able to use distinct IP addresses, and to benefit from native
functions like NSGs and UDRs without depending on an overlay network

10. Multiple IP addresses on Network Interface Cards (NIC)

11. Nested virtualization
 Available on Dv3 and Ev3 virtual machine sizes. Support expansion to more VM sizes is expected in the coming
months
 Allows creating a virtual machine inside a virtual machine
 The nested environment provides great flexibility supporting your needs in various areas such as development,
testing, customer training, demo, and more
 The nested virtual machine hosts will be used to replace physical Hyper-V hosts, and the individual testing
engineer will have full control over the Hyper-V functionality on their own assigned host in Azure
 Allows creating a Hyper-V container with Docker

12. Azure Network Watcher
 Simplifies the monitoring and diagnosing of your Azure network
 Enables you to take remote packet captures on an Azure Virtual Machine, gain insights into your network traffic
using flow logs, and diagnose VPN Gateway and Connections

13. Storage

14. Managed Disks
 When scaling up, you put too many disks in a storage account and potentially exceed the scalability targets of the
storage account (20,000 IOPS, for example), resulting in the VMs being throttled
 Managed Disks handles the storage account creation/management in the background
 Ensures that the disks of VMs in an Availability Set are sufficiently isolated from each other to avoid single points
of failure (in case each of the storage accounts created for an availability set coincidently share the same fault
domain)
 With managed disk snapshots, you can back up your managed disks at any point in time
 Easy upgrade from standard to premium

15. Managed Disks

16. Azure virtual machines—announcing large disk sizes up to 4-TB
 This extends the maximum size of the disks, for both Premium and Standard storage, from 1,024-GB to 4,095-
GB, and enable customers to add four times more disk storage capacity per virtual machine
 This also introduces two new disk sizes in P40 (2-TB) and P50 (4-TB) for both managed and unmanaged
Premium Disks, as well as S40 (2-TB) and S50 (4-TB) for Standard managed disks

17. Azure storage—larger block blobs
 The introduction of larger Block Blobs increases the maximum file size from 195 GB to 4.77 TB
 This increases the maximum allowable block size from 4 MB to 100 MB, while maintaining support for up to
50,000 blocks committed to a single Blob
 This size increase only applies to Block Blobs, and the maximum size of Append Blobs (195 GB) and Page Blobs
(1 TB) remains unchanged
 Larger Block Blobs are supported by REST API version 2016-05-31 and later
 The increased blob size better supports a diverse range of scenarios, from media companies storing and
processing 4K and 8K videos

18. Azure archive storage (In development)
 Archive Storage will be a low-cost cloud storage option for data that's archived and rarely accessed. It will be
highly durable and secure, enabling scenarios such as archiving data that could require it for many years like
medical reports, compliance documents, and exchange mails
 Archive storage will offer life-cycle management capabilities of moving between archival, and hot and cool
storage

19. Storage Service Encryption (SSE)
 Provides encryption at rest automatically for managed and
unmanaged disks (only blobs and file storage, excluding tables and
queues)
 Encryption using 256-bit AES encryption
 Available on all redundancy levels (LRS, ZRS, GRS, RA-GRS)
 All encryption keys are stored, encrypted, and managed by Microsoft

20. Azure Site Recovery (ASR) between Azure regions (In preview)
 Supports the failover of virtual machines
running on the Azure IaaS platform
 Create recovery plans and test failovers
between regions, and replicate applications to
any other region without having to deploy
additional software or appliances

21. Azure backup—enhanced security
 Secure backups and recover data using cloud backups if production and backup servers are compromised, eithe
on-premises or in Azure
 Built on three principles – Prevention (requiring security PIN), Alerting (Email notification) and Recovery (retains
deleted backup data for 14 days)

22. Azure Backup instant file recovery (In preview)
 Provides a writeable snapshot of a cloud-based recovery point, which could
be quickly mounted as iSCSI-based recovery volumes. You'll be able to
simply browse through the files using your regular file explorer and copy
them to the destination of your choice
 You'll be able to open application files such as SQL and Oracle directly from
cloud recovery-point snapshots as if they are present locally, and attach them
to live instances without having to first restore them
 The same feature for Azure Linux VM backups in preview

23. Azure Backup for Windows Server system state (In Preview)
 Seamless, secure backups of your Windows Server System State directly to Azure
 No need to provision any on-premises infrastructure
 Provide a snapshot of your system state including files, active directory settings, and
certification services stored in Azure

24. Developer Services

25. Azure DevTest Labs
 Provides developers and testers a self-service sandbox environment to quickly create and use pre-provisioned
VMs and images (customized by IT Admins and assigned an operation policy per users and per lab)
 Solve usual production delays while maintain cost and operation control

26. Azure DevTest Labs

27. Web & Mobile

28. Azure mobile app
 Stay in touch with your Azure resources, quickly diagnose and fix issues, and
even run commands
 Available on iOS and Android, soon on Windows

29. Azure App Service Web App on Linux (In preview)
 Build applications in a Linux containers for supported application stacks
(Node.js, PHP, .Net Core, Ruby)

30. Databases

31. Azure SQL Database elastic pools
 Enables databases to be pooled to maximize the use of resources and save money
 You allocate performance resources to a pool rather than an individual database, and pay for the collective
performance resources of the pool rather than for single database performance
 Pooled databases consume but don’t exceed the limits of the pool, so your cost remains predictable even if
individual database usage doesn’t

32. Cloud Computing Value Proposition
Azure Cosmos DB (available)/ MySQL (in preview) /PostgreSQL (in preview)
 Those fastest growing open source database engines that are being widely embraced by developers are now
offered as a 1st class (by Microsoft) database as a service solution
 No need to worry about managing the operating system and database patching, perform manual database
backups, orchestrate recovery, etc.
 The differentiating factor is the value added features provided by Azure such as monitoring, backup, SLA,
scalability, pricing, multi-API, etc.

33. Intelligence & Analytics

34. Azure Analysis Services
 An enterprise grade OLAP engine and BI modeling platform, offered as a fully managed PaaS with the scale
and benefits of the cloud
 Transform data into actionable insights with In-memory querying over massive and complex datasets.
 Built on the proven analytics engine in Microsoft SQL Server 2016 Analysis Services

35. Cloud Computing Value Proposition

36. Security + Identity

37. Azure Role-Based Access Control (RBAC) (In preview)
 Enables fine-grained access management by granting only the amount of access users need to perform their jobs
 Assign RBAC role to users, groups, and applications at a certain scope (subscription, a resource group, a single
resource)
 A role assigned at a parent scope also grants access to the children contained within it.

38. Azure Active Directory pass-through authentication (In preview)
 Enables users to login to cloud resources
by validating their password against their
on-premises local Active Directory without
storing passwords or even password
hashes in the cloud, which might be a
security or compliance policy requirement
for their organization
 No need to modify corporate network
infrastructure or install products such as
AD FS or similar third-party federation
solutions

39. Azure Active Directory pass-through authentication (In preview)

40. Azure Active Directory B2C
 A comprehensive identity management solution for your consumer-facing applications
 Easily integrated to any platform and accessible from any device
 Highly available global service, supports hundreds of millions of consumer identities
 Allows Azure Multi-Factor Authentication in your consumer-facing applications
 With minimal configuration, Azure AD B2C enables your application to authenticate:
 Social Accounts (such as Facebook, Google, LinkedIn, and more)
 Enterprise Accounts (using open standard protocols, OpenID Connect or SAML)
 Local Accounts (email address or username and password)

41. Azure managed applications (In preview)
 Managed Applications provide a powerful new way for Managed Service Providers (MSPs) and Independent
Software Vendors (ISVs) to sell managed services to Microsoft customers
 It enables MSPs and ISVs to deliver turnkey solutions, managed by the partner, through the Azure Marketplace
 This means that the customers don’t have to invest in building the application specific domain knowledge, which
would have been needed to service these applications. It enables customers to automatically acquire application
updates without having to worry about troubleshooting and diagnosing issues with the application
 It enables vendors to bill customers using Azure's billing system and use templates to manage the lifecycle of
deployed applications
 Managed applications are self-contained and sealed for the customer. This means that the resource group where
the resources will be provisioned are “locked” for the customer. As a result, customers cannot delete or make
changes to the resources in this resource group

42. Azure managed applications (In preview)

43. Azure Security Center
 Helps you prevent, detect, and respond to security threats by offering increased visibility into and control over
the security of your Azure deployments
 Our security research and data science teams are constantly monitoring the threat landscape and adding new
or enhancing current detection algorithms. Azure Security Center customers benefit from these innovations as
algorithms are continuously released, validated, and tuned
 Define policies for your Azure subscriptions according to your company’s cloud security needs, tailored to the
type of applications or sensitivity of the data in each subscription. Use policy-driven recommendations to guide
resource owners through the process of implementing required controls—take the guesswork out of cloud
security.

44. Cloud Computing Value Proposition

45. Monitoring & Management

46. Azure Monitor
 Provides base level infrastructure metrics and logs for most services in Microsoft Azure in a central source
 Provides all the vital monitoring telemetry including platform- and service-level metrics and logs, giving you the
ability to configure alerts to take intelligent actions on that data

48. Usefull Links

49. http://armviz.io/designer
ARMVIZ

50. AzureSpeed.com
http://www.azurespeed.com/

51. Azure Resource Explorer (Preview)
https://resources.azure.com/

52. Azure App Service Migration Assistant
https://www.migratetoazure.net/

53. Microsoft vs. VMware TCO Calculator
http://datacenter-tco-tool.azurewebsites.net

54. Where is my data?
http://o365datacentermap.azurewebsites.net/

55. Mohamed Tawfik
Cloud Technical Consultant
Azure CoE EMEA
Thank You!