Friday, April 1, 2022

AzUpdate S04E08: Azure Data Explorer, Azure Disk Storage, Azure Front Door & Azure Site Recovery

Hello Folks,


Today, please look around and ensure that none of your teammates play some tricks on you.  That being said, I’m trusting my teammate Amy Colyer (@wyrdgirl) to behave.  (Well, I may be the one she needs to worry about….   LOL)


In any case, what’s not a trick is the news coming out of the Redmond mothership this week.  We’ll dive into Azure Data Explorer supports Conditional Access, Cross-region snapshot copy for Azure Disk Storage, Azure Front Door & On-demand capacity reservation with Azure Site Recovery


So here we go… Join us online on YouTube? (Live at 10 am eastern time zone) or catch the replay below.



Azure Data Explorer supports Conditional Access





In this day and age organizations are and should be increasingly security conscious and are seeking ways to secure their business applications & data. While hackers are becoming more sophisticated, there is a constant need for the product teams to provide best-in-class security controls & stay ahead of the curve.  This is why Azure Data Explorer (ADX) is now supported as an application in Azure Active Directory (AAD) Conditional Access allowing you to enforce various condition-based access policies.


For example, in the context of Azure Data Explorer: 


  • Organizations can create a policy to require some but not all to complete an MFA step before gaining access.  
  • You can deny all query requests originating outside specific geographies or only allow requests from trusted locations and require MFA for the rest.  
  • Organizations can allow cluster monitoring only from specific device platforms viz. windows, Mac, iOS, Android, etc. 
  • You can allow ingesting data operations only from corporate devices marked as compliant with Microsoft Intune

You can find more info here and the steps for conditional access here


Cross-region snapshot copy for Azure Disk Storage




As ITPro and operation folks have known for decades, Incremental snapshots are an easy, cost-effective point-in-time backups of Azure Disk Storage.


Now you can copy incremental snapshots to any region for disaster recovery using cross-region snapshot copy. Azure manages the copy process and ensures that only changes since the last snapshot in the target region are copied, reducing the data footprint and recovery point objective (RPO).


You can get more information about cross-region snapshot copy in the documentation


The new Azure Front Door – a modern cloud CDN service




In 2019, we launched Azure Front Door to bring enterprise-grade content delivery network (CDN) capabilities to our customers. This was a result of our own cloud journey over the past 13 years, which led us to develop unique infrastructure and services hardened by support for Microsoft’s largest applications like Bing, Microsoft 365, LinkedIn, Skype, and Azure.


This week we announced the new Azure Front Door, our native, modern cloud content delivery network (CDN) catering to both dynamic and static content acceleration with built-in turnkey security.


Whether you’re delivering content and files or building global apps and APIs, the new Azure Front Door can help you deliver higher availability, lower latency, better scale, and more secure experiences to your users wherever they are.


Several key capabilities have been included in the new version:

  • Improved automation and simplified provisioning with DNS TXT based domain validation
  • Auto generated endpoint hostname to prevent subdomain takeover
  • Expanded Private Link support in all Azure regions with availability zones to secure backends
  • Web Application Firewall enhancements with DRS 2.0 RuleSet and Bot manager
  • Expanded rules engine with regular expressions and server variables
  • Enhanced analytics and logging capabilities
  • Integration with Azure DNS, Azure Key Vault, Azure Policy and Azure Advisor

The documentation for the new Azure Front Door can be found here


On-demand capacity reservation with Azure Site Recovery safeguards VMs failover





Azure Site Recovery is now integrated with on-demand capacity reservation. With this integration, you can now leverage capacity reservations with Site Recovery to reserve compute capacity in the disaster recovery (DR) region and guarantee your failovers.


When you assign a capacity reservation group (CRG) for your protected VMs, Site Recovery will failover the VMs to that CRG. Additionally, a compute SLA gets added to the existing Site Recovery’s Recovery Time Objective (RTO) SLA of 2 hours.


Some added benefits of doing this are:

  • Once deployed, capacity is reserved for your failovers and always available within the scope of applicable SLAs
  • Can be deployed and deleted at any time with no term commitment
  • Can be combined automatically with Reserved Instances to use term commitment discounts

You can find more information about On-demand Capacity Reservation here


MS Learn Module of the Week



This week we suggest you go over the following learn module.  Introduction to Azure Front Door


It will guide you through describing how Azure Front Door can provide a fast, reliable, and secure modern cloud content delivery network


By the end of this module, you will be able to:

  • Evaluate whether Azure Front Door can help transform your organization's apps into high-performing, personalized modern apps.
  • Describe how web application firewall features of Azure Front Door help protect your apps.

We wish you an amazing weekend.  And that’s not an April’s fool prank.


Thanks for joining us for this week’s AZUpdate episode.


Feel free to comment or reach out with any questions in the comments below or join us on our discord server.




Posted at