Guest Pierre Roman Posted August 11, 2023 Posted August 11, 2023 Hello Folks, Azure Networking is the foundation of your infrastructure in Azure. Each month we bring you an update on What’s new in Azure Networking. In this blog post, we’ll cover what's new with Azure Networking in June 2023. In this blog post, we will cover the following announcements and how they can help you. Azure’s cross-region Load Balancer Updated default TLS policy for Azure Application Gateway Always Serve for Azure Traffic Manager Azure Virtual Network encryption Enjoy! Azure’s cross-region Load Balancer Azure Load Balancer’s global tier is a global network load balancing solution. With cross-region load balancer, you can distribute traffic across multiple Azure regions with ultra-low latency and high performance. This ultra-low latency is achieved through two mechanisms, geo-proximity routing and layer 4 distribution. Therefore, traffic originating from a client hits the closest participating region and travel through the Microsoft global network backbone to arrive at the closest regional deployment. Each instance is given a static global anycast IP address that you own and control. With a static IP address, you don’t have to worry about your frontend IP changing. In addition, cross-region load balancer preserves the original IP of the packet. The original IP is available to the code running on the virtual machine. This preservation allows you to apply logic that is specific to an IP address. Announcement: Distribute global traffic with ultra-low latency using Azure Load Balancer Documentation: What is Azure Load Balancer? Cross-region (Global) Load Balancer Load-balancing options Learning opportunities: Tutorial: Create a cross-region Azure Load Balancer using the Azure portal Updated default TLS policy for Azure Application Gateway We have updated the default TLS configuration for new deployments of the Application Gateway to Predefined AppGwSslPolicy20220101 policy to improve default security. This recently introduced, generally available, predefined policy ensures better security with minimum TLS version 1.2 (up to TLS v1.3) and stronger cipher suites. TLS 1.0 is from 1999. Yes, 1999. Like the Prince song… Encrypt like it's 1999??? TLS 1.1 is from 2006. I don't know of a song about 2006, but these are both ancient & need to be disabled. Announcement: Updated default TLS policy for Azure Application Gateway Documentation: Application Gateway TLS policy overview Always Serve for Azure Traffic Manager Azure Traffic Manager (ATM) now allows you to disable endpoint health checks from an ATM profile and always serve traffic to that given endpoint. You can also now choose to use 3rd party health check tools to determine endpoint health, and ATM native health checks can be disabled, allowing flexible health check setups. Announcement: General availability: Always Serve for Azure Traffic Manager Documentation: What is Traffic Manager? Traffic Manager endpoint monitoring Traffic Manager Frequently Asked Questions (FAQ) Learning opportunities: Tutorial: Improve website response using Traffic Manager Azure Virtual Network encryption You will soon be able to enable encryption of traffic between Virtual Machines and Virtual Machines Scale Sets within the same virtual network and between regionally and globally peered virtual networks. This will enhances the existing encryption in transit capabilities in Azure. Azure Virtual Network encryption is available in the following regions during public preview: East US 2 EUAP, Central US EUAP, West Central US, East US, East US 2, West US, West US 2. If interested, sign up to obtain access to the public preview here. Announcement: Public preview: Azure Virtual Network encryption Documentation: What is Azure Virtual Network encryption? (Preview) Azure encryption overview That’s it fop this month. Cheers Pierre Continue reading... Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.