This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Community Hub.
Hello Folks,
Azure Networking is the foundation of your infrastructure in Azure. Each month we bring you an update on What’s new in Azure Networking.
In this blog post, we’ll cover what's new with Azure Networking in June 2023. In this blog post, we will cover the following announcements and how they can help you.
- Azure’s cross-region Load Balancer
- Updated default TLS policy for Azure Application Gateway
- Always Serve for Azure Traffic Manager
- Azure Virtual Network encryption
Enjoy!
Azure’s cross-region Load Balancer
Azure Load Balancer’s global tier is a global network load balancing solution. With cross-region load balancer, you can distribute traffic across multiple Azure regions with ultra-low latency and high performance. This ultra-low latency is achieved through two mechanisms, geo-proximity routing and layer 4 distribution. Therefore, traffic originating from a client hits the closest participating region and travel through the Microsoft global network backbone to arrive at the closest regional deployment.
Each instance is given a static global anycast IP address that you own and control. With a static IP address, you don’t have to worry about your frontend IP changing. In addition, cross-region load balancer preserves the original IP of the packet. The original IP is available to the code running on the virtual machine. This preservation allows you to apply logic that is specific to an IP address.
Announcement:
Documentation:
Learning opportunities:
Updated default TLS policy for Azure Application Gateway
We have updated the default TLS configuration for new deployments of the Application Gateway to Predefined AppGwSslPolicy20220101 policy to improve default security. This recently introduced, generally available, predefined policy ensures better security with minimum TLS version 1.2 (up to TLS v1.3) and stronger cipher suites.
- TLS 1.0 is from 1999. Yes, 1999. Like the Prince song… Encrypt like it's 1999???
- TLS 1.1 is from 2006. I don't know of a song about 2006, but these are both ancient & need to be disabled.
Announcement:
Documentation:
Always Serve for Azure Traffic Manager
Azure Traffic Manager (ATM) now allows you to disable endpoint health checks from an ATM profile and always serve traffic to that given endpoint. You can also now choose to use 3rd party health check tools to determine endpoint health, and ATM native health checks can be disabled, allowing flexible health check setups.
Announcement:
Documentation:
- What is Traffic Manager?
- Traffic Manager endpoint monitoring
- Traffic Manager Frequently Asked Questions (FAQ)
Learning opportunities:
Azure Virtual Network encryption
You will soon be able to enable encryption of traffic between Virtual Machines and Virtual Machines Scale Sets within the same virtual network and between regionally and globally peered virtual networks.
This will enhances the existing encryption in transit capabilities in Azure.
Azure Virtual Network encryption is available in the following regions during public preview: East US 2 EUAP, Central US EUAP, West Central US, East US, East US 2, West US, West US 2.
If interested, sign up to obtain access to the public preview here.
Announcement:
Documentation:
That’s it fop this month.
Cheers
Pierre