Keeping up with the pace of the Azure cloud evolution is tough at the best of times. Just when you think you are getting on top of it, Ignite comes along and Microsoft drop a cluster of feature bombs which means you spend most of your Saturday updating your Visio architecture diagrams. Thanks a lot guys.
As usual, the stream of big Azure announcements coming out of Ignite has been relentless. Now that the dust has settled and I’ve had chance to play around with some stuff, here’s my quick breakdown of a few of the more interesting changes. No particular order.
SSIS Package Hosting in Azure Data Factory - Deploy your SSIS packages directly into Azure Data Factory using SSMS or SSDT. This is going to unlock cloud data platform adoption for lots of organisations and we’re really excited about this one.
Azure SQL DB Vulnerability Assessment - this one is amazing. Scan your Azure SQL DB for common vulnerabilities directly from a blade in the Azure portal in seconds. A very cool and essential feature that's bound to be a hit.
Stream Analytics enhancements – Now we can output directly to an Azure Function from an Azure Stream Analytics job. Azure Functions are amazingly flexible, so I can see lots of potential for managing and orchestrating data streams here. There’s also a built-in Anomaly Detection operator powered by Azure Machine Learning which is going to be useful to spot unusual or unexpected trends in your data stream.
Azure Data Box - got loads of data that you really want to put in Azure but will take forever to upload? Microsoft now offer a managed data transfer service with a 100TB capacity data store that they ship to you, you stick the data on it, and then ship it back. Microsoft then decrypt and upload into Azure for you.
Planned Maintenance Notifications - Microsoft will tell you when maintenance of the underlying Azure fabric is scheduled, which gives you a time window to perform pre-emptive maintenance on your VMs, rather than have them reboot at a totally annoying time. All managed from within the Azure Portal, this is a handy feature which reduce headaches caused by unexpected server restarts.
Virtual Network Service Endpoints - BIG news. This is a highly anticipated feature which enables you to lock-down your Azure PaaS services to your private Azure IP networks. This means that you can now remove public endpoints, should you want to. It supports Azure Storage accounts and Azure SQL DB only right now, but other services may be introduced over time. Be careful with this one; service interruptions can and will happen if you get it wrong.
Global VNet Peering – now it’s possible to interconnect virtual networks in different global Azure regions using the same peering mechanism that we use for intra-region connections. This means reduced infrastructure complexity, fewer VPN gateways to manage, and a standard connection mechanism across your VNets.
NSG Service Tags for Azure services - Azure Storage, Azure SQL, and Azure Traffic Manager are now available as Service Tags in NSGs. This means you can lock-down outbound traffic from your VMs to just the Azure services you need access to. The Azure datacentre IP ranges for these Service Tags are wholly managed by Microsoft, so no maintenance needed.
HA Load Balancer Ports - you can now deploy an Azure Load Balancer in front of a backend-pool of Network Virtual Appliances to make them highly available. No more separate box required to manage failover. Welcome news for those with enterprise firewall deployments in Azure.
Azure Security Center for Hybrid cloud - If you're using the OMS Security and Compliance monitoring solution, Azure Security Center will now extend to your on-premise VMs that have the Microsoft Monitoring Agent installed. This means you can keep things simple by using a single security assessment tool across your Azure and on-premises VMs.
Azure PowerShell in the Portal - a PowerShell console directly in the browser. Enough said. I’ve used this almost every day since it was announced and now I can't live without it.
Feel free to drop me a line if you want to discuss any of the above, or if you just want to collaborate on building some cool stuff. I'm always up for that.
Please note that the services mentioned above may be in preview, won't be available in all Azure regions, and will have varying levels of support from Microsoft. Don't assume that everything will work flawlessly, and think carefully before running production workloads on any Azure services in preview.