Cloud Platform Release Announcements for July 26, 2017

This is a blog post for a new, ongoing series of consolidated updates from the Cloud Platform team.

We’re here to help you embrace the cloud. Realize your true potential with our unique innovations, comprehensive mobile solutions, and developer tools across the breadth of our product portfolio. To help you stay current, here are our latest releases.

  • Azure Container Moment | Containers Moment launch
  • Windows Server Software Defined program partner announcement | general availability
  • Azure Virtual Machines | L and G-series additions to US West 2 + UK South general availability
  • Azure Cosmos DB | Service Organization Controls (SOC) compliance general availability
  • Azure HDInsight | HDInsight Korea South and Central general availability
  • Power BI Desktop | general availability
  • Power BI Service | general availability
  • SQL Server 2017 (Windows, Linux, and Docker) | Release Candidate 1 (RC 1)
  • Azure App Service | App Service Isolated SKU general availability
  • Azure Service Fabric | feature upgrades general availability
  • Azure App Service | App Service Domain Preview
  • Azure App Service | App Service Premium SKU V2 Preview
  • Azure Service Bus | Hybrid Connections in US Government Cloud general availability
  • Azure Multi-Factor Authentication enhancements | Network Policy Server (NPS) Extension for Azure Multi-Factor Authentication general availability
  • Microsoft Advanced Threat Analytics (ATA) releases | general availability
  • Microsoft Cloud App Security | Discovery enhancements, security dashboard

Azure Container Moment | Containers Moment launch

We’re dramatically simplifying the experience of running containers in the cloud with the launch of Azure Container Instances (ACI). Using Container Instances, you can easily run containers on Azure with a single command.

An Azure Container Instance is a single container that starts extremely fast (<10 seconds, depending on the container) and offers per-second billing. It’s a fully managed service and there’s no infrastructure management for you to think about or higher-level cluster orchestration concepts to learn. There’s no programming model to understand, it’s simply your code, in a container, running in the cloud. For those beginning their container journey, Azure Container Instances provide a simple experience to get started with containers in the cloud, enabling you to quickly create and deploy new containers with only a few simple parameters.

Here’s a sample CLI command showing this simplicity:

az container create -g corey_group --name apacheContainer --image bitnami/apache --ip-address public

Azure Container Instances build off our earlier announcements at Build to deliver the easiest way to take advantage of deploying, managing, and building apps for containers. Container Instances are available today in public preview for both Linux and Windows Server containers. We’ll continue to improve support this year, including adding deployment into a customer VNET. For experienced IT professionals who have grown accustomed to leveraging the Azure Resource Manager API and Azure CLI, deploying containers directly on Azure, just like virtual machines (VMs), will feel natural. You can also configure your containers instances with Azure Active Directory authentication or other providers to ensure secure execution. Azure Container Instances offers the highest level of security and isolation between customers. With Azure Container Instances, you can also quickly and easily deploy from a public repository like Docker Hub, or pull from your own private repository using the Azure Container Registry.

To build and shape the container ecosystem, it’s important to fully understand use cases and applications. An open community of industry peers is vital to driving innovation across the container stack. In that vein, we’re also excited to announce that Microsoft has joined the Cloud Native Computing Foundation (CNCF) as a Platinum member this week. CNCF is a Collaborative Project of the Linux Foundation (of which Microsoft is also a member) that hosts and provides governance for a wide range of container- and orchestration-related open source projects such as Kubernetes, Prometheus, OpenTracing, Fluentd, Linkerd, containerd, Helm, gRPC, and many others. An example of Microsoft’s contribution to open source innovation includes the decision to join the Open Service Broker API working group to make it easier for you to connect cloud services like CosmosDB with application platforms like Kubernetes.

As these announcements show, using Azure as your trusted partner to take advantage of the benefits of containers has never been easier.

Windows Server Software Defined program partner announcement | General Availability

Announcing new validated Windows Server Software Defined solutions from partners
We’re pleased to announce a new set of validated software-defined datacenter solutions are now available from our Windows Server partners, including DataON, Fujitsu, HPE, Lenovo, QCT, and Supermicro. These hyper-converged solutions make it faster and easier to deploy software-defined compute, storage, and networking in your datacenter. In addition to providing validated hardware solutions that meet the Microsoft reference architecture, these partners offer deployment services and one-stop technical support.
Partners offer three kinds of Windows Server Softer Defined solutions:

  • Hyper-Converged Infrastructure (HCI) Standard. Highly virtualized compute and storage are combined in the same server-node cluster, making them easier to deploy, manage, and scale.
  • Hyper-Converged Infrastructure (HCI) Premium. Comprehensive “software-defined datacenter in a box” adds software-defined networking and security features to HCI Standard.
  • Software-Defined Storage (SDS). Built on server-node clusters, this enterprise-grade, shared-storage solution replaces traditional external storage devices at a much lower cost, while support for all-flash NVMe drives delivers unrivaled performance.

Call to action

Azure Virtual Machines | L and G-series additions to US West 2 + UK South general availability

Announcing expanded availability for L and G series VMs

We’re announcing expanded regional availability for Land G series virtual machines. These powerful VMs which offer up to 32 cores using Intel Xeon processors, support RAM configurations that can exceed 256 GB and Solid State Disk (SSD) sizes of 5 TB or more, are purpose built to provide the best performance for several categories of database (DB) workloads.

L series VMs are especially suited for storage intensive workloads like NoSQL databases (Cassandra, MongoDB, etc.) that require high performance at low latency. L series VMs can support up to 256 GB of RAM and 5.6 TB of local SSD drive storage.

G series VMs can support up to 448 GB of RAM and 6 TB of SSD storage. G series VMs provide a high performance foundation for DB workloads. like SQL Server and SAP HANA, that require high compute performance and large amounts of RAM to support in-memory database operation.

L and G Series VM support will now be added to the following new regions:

  • US West 2
  • UK South

Learn more about the capabilities of L and G Series VMs,  and visit Azure pricing info.

Azure Cosmos DB | Service Organization Controls (SOC) compliance general availability

Azure Cosmos DB—SOC audit compliance

The American Institute of Certified Public Accountants (AICPA) has developed the SOC framework, a standard for controls that safeguard the confidentiality and privacy of information stored and processed in the cloud. This aligns with the International Standard on Assurance Engagements (ISAE), the reporting standard for international service organizations. Teams applying for SOC go through a vigorous 6-month audit process and continue to maintain the status thereafter. The first SOC audit for Azure Cosmos DB started in October 2016 and is now complete, achieving a SOC 1, 2, and 3 compliant status.

Azure HDInsight | HDInsight Korea South and Central General Availability

Azure HDInsight available in additional regions

Azure HDInsight for Linux is now available in Korea South and Korea Central. HDInsight is a fully managed cloud Hadoop offering that provides open-source analytic clusters for Spark, Hive, MapReduce, HBase, Storm, Kafka, and R Server backed by a 99.9 percent service-level agreement (SLA). To learn more about this service, please visit the HDInsight webpage.

Power BI Desktop | general availability

New and most frequently requested Power BI Desktop features are now available to business analysts.

Responsive layout for visuals preview—We’re now providing responsive visualizations which change dynamically to display the maximum amount of data and insight, no matter the screen size.

Custom visuals store integration—We’re bringing the custom visuals store into the Power BI Desktop. Right from the Home ribbon, you can open the store, browse visuals, and add them to your Desktop. This makes it much easier to find new visuals and use them in your reports. All the custom visuals that are listed in the Office store are available directly from the Desktop.

Quick measures from the community—Community members have been submitting ideas for new quick measures (along with its DAX) to our Quick Measures Gallery, and we’ve integrated two of those measures into our product—Star Rating and Concatenated List of Values. Download the latest Power BI Desktop to experience the new features immediately. For more information on these new features and others, visit the Power BI blog.

Power BI service | general availability

Newer and most frequently requested Power BI features are now available to end users and business analysts.

Responsive visualizations—Power BI responsive visualizations change dynamically to display the maximum amount of data and insight, no matter the screen size. See more information.

Email subscriptions for dashboards preview—Power BI dashboards pull together reports, images, Excel workbooks, and more, to provide a 360-degree view of your organization in a single pane of glass. Now you can set up a dashboard subscription in seconds, and that same pane of glass can be delivered to your inbox every day. Keeping tabs on your critical data has never been easier. Get more information.

Interactive R custom visuals support—R custom visuals can now also be interactive by generating HTML as the visual (instead of the static image that was supported until now). R custom visuals are capable of supporting tooltips and selections. See this blog for more information. Sign in to powerbi.microsoft.com to experience the new features immediately. For more information on these new features and others, visit the Power BI blog.

SQL Server 2017 (Windows, Linux, and Docker) | Release Candidate 1 (RC 1)

SQL Server 2017 first Release Candidate

The first Release Candidate of SQL Server 2017 is now available on Windows, Linux, and Docker. Learn more about the enhancements added since the last preview by visiting What’s new in SQL Server 2017. The preview of SQL Server 2017 in an Azure Virtual Machine is available for development and testing today for customers.

Azure App Service | App Service Isolated SKU general availability

The new App Service Isolated SKU introduces upgraded capabilities from App Service Environment for PowerApps, providing a fully isolated and dedicated environment for securely running Azure App Service apps at high scale.

The key advantages of the new App Service Environment include:

  • Streamlined scaling—The new App Service Environment eliminates the need to manage and scale the worker pools.
  • Upgraded performance—The new App Service Environment uses dedicated Dv2-based machines boasting faster chipsets, SSD storage and twice the memory per core when compared to its first generation
  • Simplified experience—Creating the new App Service Environment is easy. No separate workflow is required to spin up a new App Service Environment.

For more information, check out Azure Friday video and docs.

Azure Service Fabric | feature upgrades general availability

Azure Service Fabric Container feature upgrades

Azure Service Fabric extends its capabilities to orchestrate and work with containers in the new release. Besides container pruning and security updates (RunAs user accounts and certificate handling), we’ve introduced the ability to use individually assigned IP addresses to containers in the cluster, enabling easier deployment of multiple web endpoints, without coordination of port assignment or resolution. Azure Service Fabric now also supports reliable services to be deployed and run in containers as a preview.

To learn more, please visit the Service Fabric documentation page.

Azure App Service | App Service Domain Preview

App Service Domain Preview is a first-class experience to create and manage domains hosted on Azure DNS for Azure services such as Web Apps, Traffic Manager, Virtual Machines, and more. It offers easy subdomain management and assignment, auto-renew capabilities, and free cancellation within 5 days. Through Azure DNS, you will achieve better security, performance, and reliability. To get started, please see How to buy a domain for App Service.

Azure App Service | App Service Premium SKU V2 Preview

Azure App Service is adding a Premium V2 tier featuring Dv2-series VMs with faster processors, SSD storage, and double memory-to-core ratio compared to the previous compute iteration. This is an ideal App Service option for apps that require high performance and scalability. The following are web worker sizes available with Premium V2:

  • Small (1 CPU core, 3.5-GiB memory)
  • Medium (2 CPU cores, 7-GiB memory)
  • Large (4 CPU core, 14-GiB memory)

During the Preview timeframe, the pricing for App Service Premium V2 is identical to the pricing for the existing App Service Premium tier. All features included with App Service Premium are also available with App Service Premium V2. Premium V2 is available in a growing list of regions including South Central, West Europe, North Europe, Australia East, and Australia South East.

Learn More about App Service Premium V2 Preview.

Azure Service Bus | Hybrid Connections in US Government Cloud general availability

The Hybrid Connections feature of Azure Relay is now available to the public in the US Government Cloud. Azure Relay let’s you securely expose services inside a corporate network to the cloud, without opening a firewall connection or changing the corporate network. Hybrid Connections uses open standard web sockets to make this possible. You can keep your data where it is, while enabling access from the cloud or anywhere.

Benefits

  • Uses HTTPS and WebSockets to securely connect resources.
  • Leverages the robust management and monitoring features of Azure Relay.
  • No need for changes in your VPN, Firewall, or Proxy.

Pricing information is found on the Service Bus page hereMore information can be found here.

Azure Multi-Factor Authentication enhancements | Network Policy Server (NPS) Extension for Azure Multi-Factor Authentication general availability

We’re pleased to announce the NPS extension for Azure Multi-Factor Authentication is now available to the public. This is a key component in our strategy to move customers to cloud-based Multi-Factor Authentication.

You may have been holding off on your production deployment in anticipation of this release, which includes some important features and bug fixes. If so, we expect you’ll move forward with your production deployments in the coming weeks.

The GA bits are available through the Microsoft Download Center. We’ve updated the documentation for the feature and created a topic for the new features in this release.

Microsoft Advanced Threat Analytics (ATA) releases | general availability

We are proud to announce that the next version of Advanced Threat Analytics (ATA), Microsoft’s User and Entity Behavioral Analytics (UEBA) solution is now available! We are excited to see the interest from our customers and partners for ATA. Currently it helps our customers protect over 10 million users, as well as 21 million devices worldwide.

With new attack detections and behavioral analytics enhancements in every release, our engineering team is continuously working to innovate and to help you detect attackers before they cause any damage. In version 1.8, we’ve included some great improvements such as existing detection enhancements, as well as a new WannaCry Ransomware detection. We also have some infrastructure improvements such as single sign on, automatic events collection from the lightweight gateway, and some major ATA Center performance enhancements. Additionally, there are some improvements to the overall user experience.

To learn more about this release, please look out for the upcoming ATA v1.8 blog post on the Enterprise Mobility + Security blog.

If you haven’t already, go ahead and try out Microsoft Advanced Threat Analytics and download the evaluation bits.

Microsoft Cloud App Security | Discovery enhancements, security dashboard

With the new Cloud App Security release, now you can:

  • Customize the cloud app catalog by overriding the risk assessment for the discovered software as a service (SaaS) apps and adding custom notes and tags.
  • Automatically sanction and block discovered apps with new app detection policies.
  • Manage all security extensions to Cloud App Security through security dashboard security extensions to Cloud App Security, including API token management, SIEM agents and External DLP connectors.
  • Connect Cloud App Security to third party DLP vendors (i.e. Symantec, Vontu) and scan the contents of cloud apps using existing deployments running in your environment (this feature is in preview).
  • Apply Cloud App Security file labels to provide more insight into the files the DLP scans.
  • Initiate an immediate remediation action requiring users to sign in again to all Office365 and Azure Active Directory apps when a suspicious activity is identified.

For more information regarding this release, please visit the technical documentation page.