Microsoft announced major upgrades to Azure networking capabilities, including the launch of ExpressRoute 100Gbps Direct, ExpressRoute Global Reach, and the general availability of Azure Virtual WAN. There are also enhancements to Azure Virtual Networks and DNS. The Azure Networking Fall 2018 update comes as part of the company's #MSIgnite conference underway this week in Orlando, Florida.
Here are the highlights:
Azure ExpressRoute Direct 100Gbps connectivity -- a first for a global cloud provider. ExpressRoute Direct with 100G connectivity provides massive data ingress for scenarios such as telemedicine, content distribution, and IoT. The service allows 100 Gbps of network traffic to be directed at Azure Storage and Azure Virtual Networks. The traffic can be on a single 100G ExpressRoute Circuit or the 100G can be subdivided by the customer's business units in any combination of 40G, 10G, 5G, 2G, and 1G ExpressRoute circuits. Microsoft notes that because ExpressRoute is for mission-critical workloads, ExpressRoute Direct, like ExpressRoute, provides physical connectivity via two physical routers in an active-active configuration.
ExpressRoute Global Reach – allows enterprise customers to connect two ExpressRoute circuits together. This allows sites that are already connected to ExpressRoute to now privately exchange data via their ExpressRoute circuits. Customers can thereby use Microsoft's global network to privately send traffic between their sites, for instance between London and Tokyo if both sites are currently served by ExpressRoute. ExpressRoute Global Reach is available in the following locations: Hong Kong, Ireland, Japan, Netherlands, United Kingdom, and the United States with Korea and Singapore coming soon. As Microsoft adds locations, it becomes more like a global carrier.
Big expansion of the Azure Virtual WAN ecosystem. Microsoft is now recommending that Office 365 customers use local Internet breakouts to get onto Microsoft’s global network as quickly as possible and take advantage of the Office 365 distributed edge node ecosystem. The company has previously announced virtual WAN partnerships with Citrix and Riverbed. This has been expanded to include Virtual WAN solutions from 128 Technology, Barracuda, Check Point, NetFoundry, and Palo Alto. Coming soon Azure will include Virtual WAN solutions from CloudGenix, Nuage Networks, Silver Peak, Versa Networks, and VeloCloud.
New Zone Redundant VPN and ExpressRoute Gateways -- customers are now able to deploy Azure VPN and Azure ExpressRoute gateways in Azure Availability Zones, thus making them physically and logically separate within a region to protect on-premises network connectivity to Azure from zone-level failures.
Enhanced Azure Container Networking Interface (CNI) --a plugin brings Azure Networking capabilities to containers by utilizing the same SDN stack that powers Azure VMs. Containers can now connect to peered VNets and to on-premises over ExpressRoute or site-to-site VPN and access services such as Storage and SQL protected by VNet Service Endpoint. Network Security Group (NSG) and User Defined Routing (UDR) rules can be applied directly to containers. Azure CNI is utilized by the Azure Kubernetes Service.
Azure Firewall enters general availability status -- this GA, offers fully stateful network and application level traffic filtering for VNet resources, with built-in high availability and cloud scalability delivered as a service. Customers can protect their VNets by filtering Outbound, Inbound, Spoke-Spoke, VPN and ExpressRoute traffic.