Jump to content

Wired for Hybrid - What's New in Azure Networking - July 2023 Edition


Recommended Posts

Guest Pierre Roman
Posted

Hello Folks,

 

 

 

Azure Networking is the foundation of your infrastructure in Azure. Each month we bring you an update on What’s new in Azure Networking.

 

 

 

In this blog post, we’ll cover what's new with Azure Networking in June 2023. In this blog post, we will cover the following announcements and how they can help you.

 

 

 

  • Azure’s cross-region Load Balancer
  • Updated default TLS policy for Azure Application Gateway
  • Always Serve for Azure Traffic Manager
  • Azure Virtual Network encryption

 

Enjoy!

 

 

 

 

 

 

Azure’s cross-region Load Balancer

 

 

largevv2px999.png.79feac7c24bf52be78e5898883ee5e1a.png

 

 

 

Azure Load Balancer’s global tier is a global network load balancing solution. With cross-region load balancer, you can distribute traffic across multiple Azure regions with ultra-low latency and high performance. This ultra-low latency is achieved through two mechanisms, geo-proximity routing and layer 4 distribution. Therefore, traffic originating from a client hits the closest participating region and travel through the Microsoft global network backbone to arrive at the closest regional deployment.

 

 

 

Each instance is given a static global anycast IP address that you own and control. With a static IP address, you don’t have to worry about your frontend IP changing. In addition, cross-region load balancer preserves the original IP of the packet. The original IP is available to the code running on the virtual machine. This preservation allows you to apply logic that is specific to an IP address.

 

Announcement:

 

Documentation:

 

Learning opportunities:

 

Updated default TLS policy for Azure Application Gateway

 

 

largevv2px999.png.51d7d5368a38fd4d857c08e2c605396c.png

 

 

 

We have updated the default TLS configuration for new deployments of the Application Gateway to Predefined AppGwSslPolicy20220101 policy to improve default security. This recently introduced, generally available, predefined policy ensures better security with minimum TLS version 1.2 (up to TLS v1.3) and stronger cipher suites.

 

 

 

  • TLS 1.0 is from 1999. Yes, 1999. Like the Prince song… Encrypt like it's 1999???
  • TLS 1.1 is from 2006. I don't know of a song about 2006, but these are both ancient & need to be disabled.

Announcement:

 

Documentation:

 

Always Serve for Azure Traffic Manager

 

 

largevv2px999.png.aa883d32980d44f30e2f64633814e928.png

 

 

 

Azure Traffic Manager (ATM) now allows you to disable endpoint health checks from an ATM profile and always serve traffic to that given endpoint. You can also now choose to use 3rd party health check tools to determine endpoint health, and ATM native health checks can be disabled, allowing flexible health check setups.

 

Announcement:

 

Documentation:

 

Learning opportunities:

 

Azure Virtual Network encryption

 

 

largevv2px999.jpg.3180b7785f940cd6d27e04642cee9023.jpg

 

 

 

You will soon be able to enable encryption of traffic between Virtual Machines and Virtual Machines Scale Sets within the same virtual network and between regionally and globally peered virtual networks.

 

 

 

This will enhances the existing encryption in transit capabilities in Azure.

 

 

 

Azure Virtual Network encryption is available in the following regions during public preview: East US 2 EUAP, Central US EUAP, West Central US, East US, East US 2, West US, West US 2.

 

 

 

If interested, sign up to obtain access to the public preview here.

 

Announcement:

 

Documentation:

 

 

That’s it fop this month.

 

Cheers

 

 

 

Pierre

 

Continue reading...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...