Kategorie: Microsoft Azure

Empowering operators and enterprises with the next wave of Azure for Operators services shaping the future of cloud

The future of connectivity and the cloud

Over the past decade, we at Microsoft have seen a tremendous amount of change—digital transformation enabled by the cloud. But the cloud’s biggest impact is yet to come. McKinsey estimates that by 2030, we’ll see more than a trillion dollars impacted by the cloud across the Fortune 500.1 In an industry currently experiencing large-scale transformation, this represents a huge opportunity.

The future cloud, however, will look very different from the cloud of today. It will expand to become a highly distributed fabric, spanning 5G to space. It will be powered by a modern network infrastructure and will enable a new application and connectivity paradigm—what we call modern connected apps—that puts compute even closer to the problems we need to solve.

This new generation of highly distributed, low latency, and network-aware applications uses 5G innovation to enable computing where it’s needed most and opens entirely new scenarios for operators, enterprises, and developers across a range of industries. 

Unlocking the opportunity for the telecommunications ecosystem

At Microsoft, our aim is to be the most trusted co-innovation partner through every stage of the digital evolution, committed to working with communications service providers (CSPs), enterprises, developers, and ISVs alike on the future of a ubiquitous cloud that unlocks the true potential of modern connected apps.

We are empowering operators to accelerate their network transformation with our carrier-grade, trusted platform and helping them unlock new opportunities with automation and AI.
We are enabling enterprises with ubiquitous computing that spans from cloud to edge.
And we are helping developers and ISVs build more innovative, network-aware applications.

Microsoft is providing the key solutions that are shaping the future cloud, and we have some exciting news in each of these areas to help operators, enterprises, and developers get started.

Accelerate network transformation with carrier-grade trusted platform

One of our goals is to enable operators to optimize their existing investments and services and to accelerate network transformation on our carrier-grade, trusted hybrid platform. Central to this goal is our Azure for Operators portfolio.

Last year, we unveiled a new wave of Azure for Operators solutions and services, which continue to enable the secure development of high-performance, low-latency applications, and next-generation wireless solutions. 

Introducing Microsoft Azure Operator Nexus

Today we are announcing the public preview of Azure Operator Nexus—the next-generation hybrid cloud platform created for communications service providers (CSPs). Since we debuted the private preview at MWC 2022, we’ve expanded the capabilities of Operator Nexus to meet the needs of operators that are looking to modernize and transform their network. Operator Nexus enables operators to use cloud technology to modernize and monetize their network investments—lowering total cost of ownership (TCO), driving operational efficiency and resiliency with advanced AI and automation, improving the security of highly distributed, software-based networks.

Operator Nexus enables operators to run their workloads on-premises or on Azure, where they can seamlessly deploy, manage, secure, and monitor everything—from the bare metal to the network to the tenant. It is purpose-built for carrier-grade workloads, using the same Azure experience offered by the hyperscale public cloud, supporting our first-party solutions as well as a wide variety of our partner ecosystem offerings from industry-leading network equipment provider (NEP) partners. Proven to run network functions at a tier-one operator scale, Operator Nexus meets the security, resiliency, observability, manageability, and performance needs required by operators to achieve meaningful business results throughout the digital transformation of their mobile network.

“As a pioneer in network virtualization and SDN, AT&T is confident in our decision to run our multi-vendor 5G Standalone Mobile Core on Operator Nexus platform while we continue to deploy and operate the platform in AT&T data centers. AT&T made the decision to adopt Operator Nexus platform over time with expectation to lower total cost of ownership (TCO), leverage the power of AI to simplify operations, improve time to market, and focus on our core competency of building the world’s best 5G service. We appreciate the efforts of our Network Function ecosystem collaborators to support the evolution of our Mobility Core platform.”—Igal Elbaz, Senior Vice President, Network CTO, AT&T

“Through the combination of Ericsson’s market-leading, cloud-native 5G Core applications and orchestration suite with Microsoft’s carrier-grade Operator Nexus platform, we envision many opportunities for CSPs to digitally transform their core networks while improving customer experiences and creating exciting, new mobile services. Building on our success at mutual customers such as AT&T, Ericsson, and Microsoft are investing together to ensure Ericsson 5G Core cloud-native applications run on the Operator Nexus platform efficiently, securely, and reliably."—Monica Zethzon, Vice President and Head of Solution Area Core Networks, Ericsson

“With the addition of Mavenir’s open cloud-native architecture end-to-end solutions including Converged Packet Core to Operator Nexus platform we look forward to working with Microsoft to help operators drive their core network transformations.”—Bejoy Pankajakshan, EVP, Chief Technology and Strategy Officer, Mavenir

"We’re excited to further strengthen our growing partnership with Microsoft to Nokia’s Cloud and Network Services portfolio that enables operators to run Nokia’s cloud-native 5G Core on Operator Nexus’ carrier-grade hybrid cloud platform as well as for Nokia to provide the network functions and platform to make operator network APIs available to developers through the Azure platform."—Fran Heeran, SVP, Core Networks, Nokia Cloud and Network Services, Nokia

Learn more about Operator Nexus in this Operator Nexus blog and this Operator Nexus video.

Azure Operator Nexus Ready and systems integrator programs

We are also introducing the Operator Nexus Ready and systems integrator (SI) programs to ensure that our platform has a broad and trusted ecosystem of support. To accelerate deployment and integration, the  Operator Nexus Ready program certifies that the ecosystem of cloud-native network functions (CNFs), virtual network functions (VNFs), and other software interoperate with the Operator Nexus platform. We are in the process of certifying VNFs and CNFs from a range of partners with two certification levels.

Level one is a base level that assures interoperability with the Operator Nexus platform.
Level two adds Azure deployment automation using the Azure Network Function Manager and offers entrance into the Azure Marketplace for ready availability to operators.

Additionally, our Operator Nexus SI program includes a select group of systems integrators known for both their telecommunications expertise, as well as their broad Azure skills. Each of these partners will work closely with the Operator Nexus engineering team to build their Operator Nexus platform skills, and to assure customer success in deployment and integration.

Voice Core reimagined 

Another crucial aim of ours is to help optimize operators’ existing communications investments and services. To this end, we are announcing the general availability of Azure Communications Gateway and the private preview of Azure Operator Voicemail. We developed these voice services to support fixed and mobile operators as they continue to migrate critical voice workloads to the cloud.

Azure Communications Gateway provides operators with the critical interworking functionality required to connect an operator’s established public switched telephone network (PSTN) directly to Microsoft Teams, enabling them to deliver Operator Connect and Teams Phone Mobile services. Communications Gateway is a globally available, managed service that offers an alternative to on-premises solutions for session initiation protocol (SIP) interworking and API automation, thereby simplifying network integration and expediting operators’ time to market. To learn more, read the Azure Communications Gateway Tech Community blog.

Azure Operator Voicemail enables operators to migrate their voicemail services to Azure and take advantage of a fully managed service, reducing the operational support burden and allowing for greater focus on revenue-producing projects. To learn more, read the Azure Operator Voicemail Tech Community blog.

With these announcements, we remain committed in our effort to accelerate network transformation and meet operators exactly where they are on their cloud journey.

Unlock opportunities with automation and AI

The world has been inspired by the transformative power of AI thanks to the recent success of ChatGPT and our ongoing partnership with OpenAI. Now, operators can take advantage of specialized, advanced AI solutions that help to unlock new business opportunities from data and insights in their operations, such as AIOps.

Next-gen AI operations for operators

The complexity of managing 5G services requires a new way of managing networks dependent on real-time analysis of massive quantities of data that applies predictive AI to inform the configuration of the product environments. AIOps employs the same operational techniques and capabilities that Microsoft uses to manage Azure, one of the world’s most complex services, packaged specifically for operators’ needs.

Today, we are announcing the public preview of two AIOps services Azure Operator Insights and Azure Operator Service Manager. These hybrid services simplify the management of existing networks as well as ensure new Microsoft services, such as Azure Operator Nexus, Voice Communications Gateway, and Operator 5G Core, are managed with consistent approaches for monitoring, diagnostics, and lifecycle management.

Azure Operator Insights enables the collection and analysis of massive quantities of network data gathered from complex multi-part or multi-vendor network functions. It delivers insights for operator-specific workloads to help operators understand the health of their networks and the quality of their subscribers' experiences.
Azure Operator Service Manager provides seamless management of complex services deployed across hybrid cloud sites. Combined with consolidated management across Azure cloud and edge platforms, Operator Service Manager helps to accelerate operator service deployment. Together, these new services generate insights from data to inform the configuration of the network—with changes tested thoroughly using Safe Deployment Processes. We are making them available to operators, NEPs, and SIs directly for managing workloads in operators’ networks, Azure, and hybrid environments. We look forward to the opportunities these new AIOps services bring operators in the future.

“3UK is laser-focused on delivering world-class gaming experience to mobile users and we are excited to be working with the Microsoft Azure for Operators organization whose new operator-specific analytics services are delivering near real-time insights with quality, timeliness, and cost-effectiveness not otherwise possible.”—Iain Milligan, Chief Network Officer, 3UK

“2degrees delivers world-class mobile services to our customers. We are excited to be working with Microsoft Azure for Operators and their new operator-specific analytics services. Together we are exploring innovative capabilities using the new Azure Operator Insights analytics service, focusing on ensuring we continue to provide our customers with the exceptional mobile services they expect.”—Saul Parkinson, Core Network Architect, 2degrees

Azure for Operators brings together a truly better-together portfolio that encompasses many aspects of the operator’s network. It’s rooted in Azure Operator 5G Core and deployed by Azure Operator Service Manager on Azure Operator Nexus. Using AI from Azure Operator Insights, it’s intelligently operated and monitored. And importantly, it includes opportunities for our ecosystem of partners. Watch the video to learn more about how we are empowering operators to modernize and monetize their 5G investments. 

Build innovative, network-aware applications with new Azure Programmable Connectivity 

Along with operators, we are also working hard to enable developers for the evolution of cloud and edge. Today, we are announcing the private preview of Azure Programmable Connectivity, a solution for developers to build network-aware modern connected applications. Azure Programmable Connectivity provides a unified, standard interface across operator networks, enabling developers to create cloud and edge-native applications that interact with the intelligence of networks. This solution will deliver a consistent, transparent experience across multiple connectivity environments such as public and private LTE/5G networks, as well as wired and satellite networks. By exposing aspects of the underlying network to applications, Azure Programmable Connectivity provides a large developers ecosystem enabling operators to monetize their infrastructure investments.

Azure Programmable Connectivity helps application developers deliver the best user experience for highly distributed, modern connected applications by offering a seamless and enriched connection between networks and diverse compute targets, such as cloud regions, private and public MEC, IoT edge, and satellite for example, ensuring that developers can access the underlying network capabilities with ease. We are also collaborating with a growing ecosystem of operators, network technology companies, and API platform providers to help unlock the potential of Azure Programmable Connectivity. These include a global operator ecosystem including AT&T, Rogers, and T-Mobile in North America; Deutsche Telekom and Telefonica in Europe; and Singtel in Asia. Microsoft is also working with network technology partners and API platform providers Ericsson including its Vonage/Ericsson Global Network Platform and Nokia including its Network as Code platform, with more partners coming soon.

Watch demo videos with some of our partners AT&T, DT/T-Mobile, and Telefonica.

Developers can apply and signup for access to the private preview program.

Enable ubiquitous computing from cloud to edge 

As the cloud continues to grow in capability, agility, and reach, so does our platform, which enables ubiquitous computing and connectivity extending from cloud to edge—including private MEC, public MEC, on-premises, cloud regions, and even space.

Azure Private 5G Core now generally available 

As part of this expansion, today we are excited to announce that Azure Private 5G Core is now generally available. Since introducing Azure private MEC in public preview in June 2021 and Azure Private 5G Core at MWC 2022, we continue our mission to empower enterprises and governments to achieve more with multi-access edge compute, networking, and applications.

Azure private MEC will be built and delivered by an increasing set of operators, SIs, and ISV partners, serving enterprises across a wide range of industries around the world, including manufacturing, transportation, logistics, energy, and defense sectors. To date, more than 25 partners have published their offers on Azure Marketplace, making it easy for enterprises to quickly deploy these solutions, and to take advantage of private 5G. Learn more about our partner solutions in this private MEC blog.

Azure Private 5G Core provides a simple, scalable, and secure deployment of a 5G standalone core network deployed on Azure Stack Edge. This release includes a range of enhanced features such as support for 4G LTE and 5G standalone radios, rapid deployment on Azure Kubernetes Service (AKS) on Azure Stack Edge Pro, and multi-site deployment. It also includes a built-in metrics dashboard, enhanced availability, advanced SIM policy with QoS support, and support for select Azure Stack Edge and HCI hardware platforms. 

Hosted on Azure private MEC, we are also unveiling Azure Edge Network Fabric which provides secure policy-based routing between multi-access devices at a customer’s premises and local applications, cloud, and edge networks, simplifying private MEC deployments. We are also previewing Radio Access Network (RAN) Observability capability to integrate RAN key performance indicators (KPI) with online dashboards. This feature provides partners and enterprises with combined observability, network insights, and analytics capability for the complete private 4G or 5G network—all from a single Azure portal.

“Reliable network connections are key for many processes and applications throughout the airport, especially the bridging point between Wi-Fi networks and public networks, as this is becoming an increasing issue with large amounts of data and real-time applications. NTT’s solution, powered by Azure private MEC, is helping us deploy the infrastructure and applications that will increase our operational efficiencies. NTT’s knowledge of 5G networks, combined with their experience in the aviation industry, is the perfect combination.”—Sebastian Mueller, CIO Cologne Bonn Airport

Expanding Azure public MEC solutions across North America and Asia 

Finally, our public MEC capabilities continue to expand to enable enterprises and developers to deploy latency-sensitive applications in densely populated metros for use cases such as venues, airports, and connected cities. At Microsoft Ignite, we announced the general availability of Azure public MEC with AT&T in Atlanta and Dallas. Now, we are extending the general availability of new sites with AT&T in Detroit, with New York, Los Angeles, and Miami coming soon. We are also happy to announce the private preview of the Azure public MEC with Singtel in Singapore, the first public offering in Asia, which extends the capability of Azure to Singtel’s 5G network edge. 

“Combining AT&T 5G with the Azure public MEC solution is laying the foundation for low-latency use cases, especially across transportation. With vehicles becoming the ultimate connected device, these edge zones will allow for new and improved driving experiences. With each new site, we’re one step closer to seeing the true breadth and depth 5G will unleash for businesses and consumers alike.”—Mike Troiano, SVP, Products, AT&T Business

“Singtel is excited about the collaboration with Microsoft to be the first telco in Asia to launch an Azure public MEC offering powered by Azure and Singtel Paragon Platform. The Azure public MEC is now available for enterprises in Singapore to deploy latency-sensitive applications. Enterprises can also leverage the ecosystem of partner apps from Singtel’s Paragon Platform and Microsoft at the Azure public MEC.”—Bill Chang, CEO Group Enterprise and Regional Data Center, Singtel

Learn more in Azure public MEC with this Singtel video.

MEC ISV programs enable rapid enterprise solution deployments 

We invite technology partners to join our ISV programs for Azure public MEC and Azure private MEC to receive technical benefits and platform capabilities designed specifically for ISVs, including discounted demos, training, and go-to-market support. 

Azure private MEC ISV program: Watch and read this blog to learn more about the Azure private MEC ISV program featuring Cognitiwe, Ipsotek, RedViking, and weavix. Register here to learn more.
Azure public MEC ISV program: Watch the video to learn more about the Azure public MEC ISV program featuring Multicasting.io, Palo Alto Networks, and Veeam. Register here to learn more.

Get started today

Along with our ecosystem partners, we are truly building a "better together" architecture that holistically addresses the needs of CSPs as they look to transform their networks. Our aim is to be the most trusted co-innovation partner through every stage of the digital evolution, committed to working with operators and enterprises on the future of modern networks and the cloud.

Invitation to operators, system integrators, and network function partners

For CSPs interested to modernize and monetize their network investments, signup today.
Operators and System Integrators interested in collaborating with Microsoft to build solutions with private MEC can get started by registering now.

Invitation to enterprise, developers, and ISVs 

Enterprises interested in any of the solutions listed above can contact our partners via the Azure Marketplace listings, or by contacting the Azure private MEC team.
Developers who are interested to create network-aware applications with Azure Programmable Connectivity can sign up now.
Discover transformative 5G use cases, training, solution accelerators, and 5G starter kits.
Application ISVs interested in collaborating with Microsoft to build MEC solutions can get started by registering here for private MEC and here for public MEC.
To learn more about how Microsoft is helping organizations embrace 5G with modern connected applications, sign up for news and updates delivered to your inbox.

1Cloud’s trillion-dollar prize is up for grabs, McKinsey.
Quelle: Azure

Farming from space: How orbital data is unlocking novel agriculture insights

High-performance computing (HPC) and orbital data deliver unprecedented insights into weather patterns, improving planning, forecasting, and decision-making, in an ever-evolving agriculture supply chain.

Consequently, global food security may be one of the defining challenges of the coming decades. By 2050, The World Bank estimates that global food production will have to rise by a staggering 70 percent to feed the growing global population.

Although population growth in several Western countries is slowing down or declining, many emerging markets are experiencing exponential growth in their populations.

By the turn of the century, it is expected that many of the most populated cities in the world will be located across Africa—with Lagos, Nigeria leading the pack with an estimated population of 88.3 million by 2100. The African continent will also play a leading role in global food security, with 60 percent of the world's uncultivated arable land situated in Africa.

Agriculture is also a major job creator in emerging economies such as in Africa. An estimated 80 percent of farmland in Africa and Asia is managed by smallholder farmers, who in turn produce up to 80 percent of the food supply in sub-Saharan Africa and Asia. It is also not only agriculture that will generate and drive employment in Africa over the next decades, but also the respective businesses that support the agriculture industry, such as processing, packaging, logistics, financial services, and security, that will be able to add to the growing number of jobs in the sector, especially in rural areas.

Many smallholder farmers operate without the benefit of accurate weather data, which can undermine crop yields, lead to crop losses, and negatively impact regional and global food security. Innovation by Microsoft and industry partners powered by Azure HPC is set to change this, at scale.

The Agri-industry adapts to climate change

A newly established collaboration between Microsoft and Tomorrow.io, a global leader in weather and climate security, will support businesses, governments, and farmers across Africa in adapting to the growing impact of climate change.

Announced at the recently concluded COP27, the collaboration will provide near real-time data from a global multi-sensor satellite constellation with an AI-powered, high-resolution global weather model that will be deployed to Azure HPC.

This follows calls from United Nations (UN) Secretary-General António Guterres, who noted that high-quality weather forecasts, early warning systems, and climate information are "essential to improve protection and build resilience." Secretary-General Guterres further added that the UN has set an ambitious target of deploying a global, extreme weather, and climate change alert system within five years.

More than five billion people lack access to reliable and actionable weather information, the bulk of which reside in Africa and Asia. Improving smallholder farmers' access to accurate weather data can reduce the risks of reduced yields and diminishing crop viability. In addition, it can also improve access to crop insurance, a vital step in agricultural industry development.

Tomorrow.io and Microsoft’s collaboration will enable access to localized, high-resolution weather forecasting models, and will focus primarily on supporting climate-resilient farming and helping smallholder farmers optimize their yield productivity.

Not only will this collaboration with African government agencies empower existing meteorological agencies to deliver weather intelligence, early warnings for severe weather, and state-of-the-art climate information, but it will also increase local farmers’ ability to become more resilient in the face of extreme weather events, thus increasing the protection of the food production chain across the continent.

Powering weather research and forecasting to scale

Applying HPC capabilities to weather prediction can also aid responses to major storms which may help prevent catastrophic agricultural losses, as one ground-breaking project shows.

When the Category 5 storm Hurricane Maria struck the Caribbean in 2017, the National Centre for Atmospheric Research leveraged the power of Azure HPC to develop a one-kilometer resolution model of the storm with 371 million grid points. Powered by Azure HBv2 VMs featuring AMD's EPYCTM 7002 series processors, the researchers were able to scale the model to over 80,000 processes while maintaining 70 percent efficiency—more than double the performance of a supercomputer that ranks among the top 20 globally.

The Azure HBv2 VMs offer supercomputer performance and MPI scalability while still driving cost efficiencies for a variety of real-world HPC workloads. Each Azure HBv2 VM sports 120 AMD EPYCTM CPU cores and 480GB of memory that power applications in computational fluid dynamics, explicit finite element analysis, seismic processing, reservoir modeling, and weather simulation.

This reduces time to forecast by rapidly delivering actionable weather predictions, improving agility, and providing high-fidelity simulations of atmospheric conditions through physics and data assimilation.

For governments, businesses, and smallholder farmers that seek to safeguard the global food supply, access to accurate weather data powered by Azure HPC and AMD could be a game-changer. Uncertainty would become obsolete. Risks due to severe weather could be more optimally mitigated. And losses could be better protected. This is evident from a recent survey of farmers in the southern districts of India, where more than 70 percent of them misjudged the onset of the monsoon season and had to replant their crops.

With improved access to data, farmers and decision-makers can improve their response to weather events and ensure maximum crop yields, thereby building greater resilience and ensuring maximum crop yields.

Find out more about Azure HPC

To request a demo, contact HPCdemo@microsoft.com.
Learn more about Azure HPC + AI.
High-performance computing documentation.

Quelle: Azure

Microsoft Azure innovation powers leading price-performance for SQL Server

As part of our commitment to ensuring that Microsoft Azure is the best place to run SQL Server and Windows Server, Microsoft is excited to announce that SQL Server on Azure Virtual Machines just achieved new, faster performance benchmarks than ever before. According to a report from analyst firm GigaOm, customers can get mission-critical performance for SQL Server on Azure Virtual Machines up to 57 percent faster and costing up to 54 percent less than AWS EC2 on a price-performance basis, with Azure Hybrid Benefit and a three-year commitment.1 As Pam Lahoud wrote, this steady increase in performance and value is the result of an ongoing series of investments in the core Azure infrastructure, including the Ebdsv5 virtual machine (VM) series that are optimized for your database workloads and new Premium SSD v2 Disk Storage that brings you faster performance than before, up to 70 percent faster than a year ago. But great hardware isn’t all we have for your SQL Server—Azure also has unmatched price offers, unique Windows Server and SQL Server manageability features, and tools and programs to get your workload to the cloud.

Azure provides the most value for your Windows Server and SQL Server workloads with unique capabilities and offers that allow you to save costs, time, and reduce complexity to do more with less. You can save up to 85 percent over the standard pay-as-you-go rate leveraging Windows Server and SQL Server licenses with Azure Hybrid Benefit when migrating to Azure virtual machines. Not only do we help you save when you move, but we want to help you optimize your workloads in Azure. You can get the most out of Azure on an ongoing basis with recommendations to optimize your workloads and costs with Azure Advisor.

In addition, customers can purchase Azure Reserved Virtual Machine Instances to lock in the best pricing on a specific virtual machine instance series for a one- or three-year period. If you need flexibility for dynamic workloads, consider the new Azure savings plan for compute, a flexible pricing model that unlocks savings when you commit to spending a fixed hourly amount on select compute services for one or three years. Save regardless of region, instance series, or operating system. Learn more in the Azure saving plan for compute announcement blog.

Azure provides unmatched manageability for Windows Server and SQL Server. By registering your SQL Server on Azure Virtual Machines with SQL IaaS Agent Extension, you can access a plethora of benefits: lower total cost of ownership (TCO), robust and simple high availability/disaster recovery (HA/DR), and built-in and free security and manageability. Registering SQL Server virtual machines enables you to switch between pay-as-you-go licenses or using Azure Hybrid Benefit to bring SQL Server licenses from on-premises to Azure directly within the Azure portal. Registration also simplifies the complex administrative task of Always On availability group deployment and enables you to use the disaster recovery license type, which is included with your Azure Hybrid Benefit or pay-as-you-go licensed primary SQL Server instance. Optional automated backup can be configured with backup encryption, configurable retention period, and custom backup schedules. You can also set up automated SQL Server security updates within customer-defined maintenance windows and easy configuration of database encryption through Azure Key Vault integration, both of which allow you to manage your patching to better meet your security and compliance needs.

Save hours of day-to-day IT overhead for Windows Server applications and data by simplifying IT management with Azure Automanage. Further increase efficiency and workload uptime through reboot-less patching of Windows Server VMs with Hotpatch, available only on Azure.

Azure has virtual machine and storage hardware designed for your most critical SQL Server workloads. Azure Ev5 VMs are designed for memory-intensive, business-critical applications, relational database servers, and in-memory data analytics workloads. The Ebdsv5 series of VMs, part of the Ev5 family, are ideal for database and other I/O-intensive workloads because they offer higher remote storage throughput and IOPS per vCPU than any other VM series in Azure. We recently added to this lineup Azure Premium SSD v2, the next generation of Premium SSD Disk Storage that offers the most advanced general-purpose block storage solution with the best price performance. Premium SSD v2 offers sub-millisecond disk latencies for demanding IO-intensive workloads at a low cost.

Azure has great destinations for modernizing SQL Server. Azure SQL Managed Instance is a managed, always up-to-date SQL instance in the cloud, and it makes a great destination for database modernization in Azure. It has great performance as well: as I have mentioned previously, SQL Managed Instance has up to five times faster performance while costing up to 93 percent less than AWS RDS.2 Spend more time innovating and less time patching, updating, and backing up your databases and realize up to 40 percent faster time to value.3 The link feature of Azure SQL Managed Instance connects SQL Servers hosted anywhere (supporting SQL Server 2019 and SQL Server 2022) to Azure SQL Managed Instance, providing hybrid flexibility and database mobility. Using near real-time data replication to the cloud, shift workloads to read-only secondaries on Azure to take advantage of cloud-only features, performance, and scale. You can also choose to migrate one or more applications at the same time, at your own pace, with minimum downtime.

Azure offers free tools before, during, and after migration. Automate the move, gain rightsizing insights to drive efficiencies, and stay optimized after the move: Azure Migrate and Azure Database Migration Service provide integrated discovery, assessment, migration, and modernization capabilities for SQL Server and Windows Server workloads, including extensibility features for ISV tool integration. Reduce your migration costs and accelerate your journey with expert support from Microsoft and partners through the Azure Migration and Modernization Program. The new Microsoft SQL + Apps Migration Factory Program can help you assess and migrate qualifying low-complexity SQL Server and Windows Server applications and databases to Azure at no cost to you.4

Getting started with SQL Server on Azure

Read the full benchmark report for SQL Transaction Processing and Analytic Performance Price-Performance Testing.
Watch and learn with Microsoft Mechanics: Best option for Database Migration into Azure.
Learn more about saving time and enhancing security by registering your SQL Server on Azure Virtual Machines from this datasheet and our documentation.
Accelerate your modernization with our on-demand webinar: How to Migrate SQL Server from VM to SQL Managed Instance.

 

 

1 Price-performance claims based on data from a study commissioned by Microsoft and conducted by GigaOm in January 2023. The study compared price performance between SQL Server 2019 Enterprise Edition on Windows Server 2022 in Azure E32bds_v5 instance type with Premium SSD v2 disks and SQL Server 2019 Enterprise Edition on Windows Server 2022 in Amazon Web Services Elastic Cloud Compute instance type r5b.8xlarge with General Purpose (gp3) volumes. Benchmark data is taken from a GigaOm Transactional Field Test derived from a recognized industry standard, TPC Benchmark™ E (TPC-E) The Field Test does not implement the full TPC-E and as such is not comparable to any published TPC-E benchmarks. Prices are based on publicly available US pricing in East US for SQL Server on Azure Virtual Machines and Oregon for AWS EC2 as of January 2023. The pricing incorporates three-year reservations for Azure and AWS compute pricing, and Azure Hybrid Benefit for SQL Server and Windows Server, and License Mobility for SQL Server in AWS, excluding Software Assurance and support costs. Actual results and prices may vary based on configuration and region.

2 Price-performance claims based on data from a study commissioned by Microsoft and conducted by Principled Technologies in April 2022. The study compared performance and price performance between a 16 vCore, 64 vCore and 80 vCore Azure SQL Managed Instance using premium-series hardware on the business-critical service tier and the db.m6i.32xlarge, db.r5b.4xlarge and db.r5b.16xlarge offerings for Amazon Web Services Relational Database Service (AWS RDS) on SQL Server. Benchmark data is taken from a Principled Technologies report using recognized standards, HammerDB TPROC-C, HammerDB TPROC-H and Microsoft MSOLTPE, a workload derived from TPC-E. The MSOLTPE is derived from the TPC-E benchmark and as such is not comparable to published TPC-E results, as MSOLTPE results do not comply with the TPC-E Specification. The results are based on a mixture of read-only and update intensive transactions that simulate activities found in complex OLTP and analytics application environments. Price-performance is calculated by Principled Technologies as the cost of running the cloud platform continuously divided by transactions per minute or per second throughput, based upon the standard. Prices are based on publicly available US pricing in South Central US for Azure SQL Managed Instance and US East for AWS RDS as of April 2022 and incorporates Azure Hybrid Benefit for SQL Server, excluding Software Assurance and support costs. Performance and price-performance results are based upon the configurations detailed in the Principled Technologies report. Actual results and prices may vary based on configuration and region.

3 Results are based on customers interviews. “The Economic Value of Migration On-premises SQL Server Instances to Microsoft Azure SQL Solutions,” a commissioned study conducted by The Enterprise Strategy Group on behalf of Microsoft, October 2020.

4 Subject to the limitations described in the full SQL + Apps Migration Factory program specifications here, and provided that the SQL Server workloads are low complexity with no code changes, Microsoft agrees to assess and migrate SQL Server databases and SQL Server-associated applications from your datacenter or AWS EC2 to Azure at no cost to customer. Migrations must be completed by June 30, 2023.
Quelle: Azure

Azure Managed Lustre—Parallel file system for HPC and AI workloads

Today, Microsoft is announcing the public preview of Azure Managed Lustre, a new addition to the storage offerings in our Azure HPC + AI solution. Lustre is an open-source parallel file system renowned for high-performance computing (HPC) and is adept at large-scale cluster computing. Azure Managed Lustre provides the high-performance storage of Lustre with the control and consistency of Microsoft’s cloud. As a result, customers can focus on their business goals, whether that’s building a fraud detection system based on SAS analytics, decoding the human genome to create the next breakthrough in medicine, leading the frontiers of energy exploration with seismic data processing and sustainable energy solution, or predicting the climate and weather patterns impacting human life on planet earth.

Lustre as an Azure Managed Service

With Lustre as a managed service, users can now focus on building and running their HPC and AI applications without managing an advanced parallel file system. HPC and AI workloads can seamlessly migrate to the cloud, retaining their compatibility with Lustre and protecting existing automation and platform investments developed when previously run on premises. Azure Managed Lustre enables a fast on-demand deployment of clusters serving global regions, alleviating advance planning while meeting the compliance and data residency requirements. With a palette of performance options, Azure Managed Lustre delivers an elastic solution where users can deploy independent and exclusive clusters with predictable performance eliminating the noisy-neighbor problem commonly experienced in the on-premises shared infrastructures.

The public preview includes two durable SSD-based SKUs which deliver a choice in performance options for mission critical workloads: 125 MB/s and 250 MB/s for every provisioned TiB of capacity. During the preview, you can create cluster sizes up to 128 TiB by default, with an option to scale up to 768 TiB upon request. Azure Managed Lustre is built on the highly durable Azure managed disks with locally-redundant storage consisting of 3 replicas so even if one or two replicas experience issues you still have tolerance against failures. Azure Managed Lustre delivers POSIX-compliant Lustre version 2.15 (LTS), which offers several performance improvements. We focused on capabilities that enable users to consume Azure Managed Lustre easily without worrying about how to build and deploy the Lustre clients on their compute VMs and containers. With the Azure Managed Lustre preview, customers can choose from:

Use Azure HPC images prebuilt with Lustre client packages for Ubuntu 18.04 and 20.04 (or)
Download Lustre client packages from packages.microsoft.com for Linux distros – Ubuntu 18.04, 20.04 & 22.04; RHEL 7.8 & RHEL 8.0

Data tiering using hierarchical storage management allows users to import and export data between Azure Managed Lustre and Azure Blob. This capability enables users to define data archival, retention and protection based on pre-defined policies. Users of large data sets can import the data which is hot and relevant for their active data processing in Azure Managed Lustre clusters and archive/retain the remaining in Azure Blob. This enables them to keep their run-time costs low. Additionally, data tiering to Azure Blob allows the users to leverage its global presence and availability to instantiate Azure Managed Lustre clusters in multiple regions on demand. Integration with Azure Blob additionally facilitates multiprotocol data access via NFS, HDFS and REST. Modern containerized applications in AI/machine learning (ML) and analytics can now run on Azure Kubernetes Service leveraging the CSI driver for Azure Managed Lustre. For example, analytics applications built on top of SAS Viya can seamlessly leverage the high per-core storage performance that they require by integrating with the Azure Managed Lustre CSI driver.

Purpose-built for HPC and AI workloads

We are thankful to our private preview customers who helped us build and perfect the product while addressing their key needs. We are committed to building and supporting Azure Managed Lustre as it helps you with your journey of running your high-performance applications in Azure.

“We work with customers who have many different types of HPC workloads, and we frequently hit storage performance constraints because their projects can involve anything from thousands to tens of thousands of files, all of which need to be read and written in parallel. When we encounter storage bottlenecks or throttling errors on our HPC platforms, we know it is time to turn to Azure Managed Lustre. With Azure Managed Lustre we can add extremely performant storage that can readily keep up with the HPC compute, and automatically sync input and results data with persistent blob storage. Because it can be started and stopped on demand, within a few minutes, Azure Managed Lustre is quite cost efficient and pays for itself by giving us the ability to scale up or scale out our HPC compute, generating results much faster.”—Felipe Ayora, Director—Research and Advanced Computing, BizData.

“The new Azure Managed Lustre file system is a real game changer. It accelerates HPC deployment of our software and eliminates the need to run persistent storage servers. Setup is simple, and parallel i/o performance is fast enough to support very high-throughput workloads.”—Bill Shea, CEO Sharp Reflections.

Next Steps

To trial Azure Managed Lustre for free, complete the registration form. Learn more about how to use Azure Managed Lustre and its various supported features from our documentation.

Learn more about HPC and AI solutions

Read the Azure Managed Lustre documentation.
Read our Azure Managed Lustre technical blog.
Visit our Azure HPC hub for more technical content developed for HPC.
Read about our Azure HPC + AI solution.

Quelle: Azure

Exploring mTLS setup to send a client certificate to the backend and OCSP validation

In our previous blog we discussed what mutual transport layer security (mTLS) is and what some of its use cases are. In this blog I want to discuss two of those use cases. First, how to send client certificate to the backend application server and validate the setup by curl command and second how to set up OCSP validation and do verification by openssl commands.

Insert client certificate as HTTP header

In some cases, backend applications may need a client certificate that is received by Application Gateway. Client certificates can serve different purposes as per the need of the backend applications. Some backend servers may need client certificate information for audit purposes or may want to issue token or cookie to a client certificate. In that case we may have to supply the client certificate to the backend. One way to solve this is by supplying the certificate in base64 encoded format within a nonstandard HTTP (Hypertext Transfer Protocol) header. Please note, for security purposes and to prevent header injections, backend server must accept the custom header from trusted Application Gateway. Let’s discuss first how to send client certificate to backend application as custom http header. To achieve that you can set up a rewrite rule to send client certificate as HTTPS header.

Find more details on how to set up a rewrite rule in our rewrite URL and query string with Azure Application Gateway documentation.

Below is the rewrite rule that you can create to send client certificate to the backend as an HTTP header. Setup rewrite action as below.

Above is screenshot of Create rewrite set explaining values that need to be populated for Rewrite rule.

Once a rewrite rule is created you can verify if the backend server is receiving client certificate in the HTTP header. To test the setup prerequisite is to have openssl and curl tool installed in your machine. You should have access to the client certificate and client private key.

Verification steps to check client certificate in custom HTTP header:

Capture the client certificate output.

more client.crt

Above is screen shot showing client certificate output.

Run the following commad to send a request to Application Gateway:

curl -vk HTTPS://<yourdomain.com> –key client.key –cert client.crt

In the backend server you should see the header you created in the Application gateway rewrite rule. You will have to run network capturing tools like tcpdump at the backend server.

Above screenshot shows Client certificate that backend has received.

Above you can see the X-Client-cert header received by backend that we have created in the rewrite rule. This header has the client certificate that we have sent. The backend server can extract this value and use it based on the desired use case.

OCSP

Online certificate status protocol (OCSP) is now supported by Application gateway. Let’s discuss here how to setup OCSP and validate the setup with openssl command. With OCSP support you can verify the status of the client certificate in real time. This can prevent man-in-the-middle attacks by ensuring that the certificate being present is still valid and has not been compromised. You can get more details about OCSP in RFC 2560. It is easy to setup. When a client initiates a connection to an Application Gateway configured with mutual TLS authentication, not only can the certificate chain and issuer's distinguished name be validated, but revocation status of the client certificate can be checked with OCSP (Online Certificate Status Protocol). During validation, the certificate presented by the client will be looked up via the defined OCSP responder defined in its Authority Information Access (AIA) extension. In the event the client certificate has been revoked, the application gateway will respond to the client with an HTTP 400 status code and reason. If the certificate is valid, the request will continue to be processed by application gateway and forwarded on to the defined backend pool.

Please check this OCSP link to enable this capability. I have summarized the PowerShell command to setup OCSP.

$AppGw = Get-AzApplicationGateway -Name "ApplicationGateway01" -ResourceGroupName "ResourceGroup01"

$profile = Get-AzApplicationGatewaySslProfile -Name "SslProfile01" -ApplicationGateway $AppGw

Set-AzApplicationGatewayClientAuthConfiguration -SslProfile $profile -VerifyClientCertIssuerDN -VerifyClientRevocation OCSP

Once you have set up OCSP, you can verify your client certificate with the OCSP endpoint using openssl command.

openssl ocsp -issuer <ca-bundle> -cert client.crt -text -url <HTTP://FQDN>

Ca-bundle—certificate authority (CA) that has issued the certificate (uploaded per the link step 8 from our previous blog)

Client.crt—Client certificate

url—This will be OCSP endpoint URL address. If you do not know what the URL is you can find the OCSP endpoint of client certificate by using following command:

openssl x509 -in client.crt -text | grep -I OCSP

OCSP—URL:HTTP://ocsp.sectigo.com

Above is screen shot of openssl command showing status of client certificate verification.

You should see the following response if certificate is valid:

Response verify OK

client.crt: good

After verification of your client certificate through OCSP endpoint, you can verify the traffic by sending a request to Application Gateway that has OCSP check-enabled.

curl -vk HTTPS://yourdomain.com –key client. Key –cert client.crt

In case the certificate is not a valid client certificate, OCSP will respond with either “revoked” or “unknown”. Below is the error for “unknown” certificate.

Conclusion

In this blog we have discussed two cases that application gateway supports. You have learned how to send client certificate to backend as HTTP header and verify the setup by using curl command. Also, you have learned how to set up OCSP and verify the setup by openssl command line.

Learn more and get started with Azure Application Gateway

What is Azure Application Gateway | Microsoft Learn
Overview of mutual authentication on Azure Application Gateway | Microsoft Learn
Frequently asked questions about Azure Application Gateway | Microsoft Learn
Overview of mutual authentication on Azure Application Gateway | Microsoft Learn

Quelle: Azure

7 reasons to join us at Azure Open Source Day

This post was coauthored by Katie Fritsch and ChatGPT.

Are you interested in learning more about Azure and open-source technologies?  Do you want to learn about the latest AI capabilities on Azure and how Microsoft is leveraging open-source technologies to drive innovation? If so, you won't want to miss Azure Open Source Day on Tuesday, March 7, 2023, at 9:00 AM–10:30 AM Pacific Time.

Azure Open Source Day is a great opportunity to learn more about Microsoft's role in the open-source community, its contributions, and vision. Microsoft has a long history of supporting and contributing to open-source projects, and it continues to be a leader in the community today. Learn how Microsoft is empowering developers to build innovative solutions using the best of cloud capabilities and open-source technologies.

Here are seven reasons why you should attend:

See app-building demos—Discover how to build intelligent applications that are fast, flexible, and scalable using containers, Azure Kubernetes Service (AKS), and Azure managed databases and Azure AI services. Azure provides a wide range of tools and services that can be used to build intelligent applications.
Learn from partners—See how to use the power of Azure to build intelligent apps fast and flexibly using the best of open-source technology. Hear about Microsoft and Nvidia’s partnership to allow developers to spin up a platform in a matter of minutes.
Discover new innovative technologies—Find out how to use Dapr—an open-source project developed by Microsoft and a growing community of contributors—to easily build, deploy, and scale microservices. Dapr helps you to focus on business logic while abstracting away the underlying infrastructure and platform.
Hear perspectives on open-source trends—Hear from Microsoft luminaries Brendan Burns and Sarah Novotny, and our partners (GitHub, HashiCorp, Redis, and Nvidia) about how open source can be used to drive technological progress and drive collaboration between companies.
Get proven support—Get a first look at how Microsoft is committed to supporting its customers with their technology needs whatever they may be, including Web3 scenarios and use cases. Microsoft's Azure cloud platform, developer tools, and identity and security services can help customers build and run Web3 applications.
Learn how to protect your data—Protect your business assets by building on a highly secure cloud platform designed to meet your open-source security and compliance needs.
Ask the experts—Post your questions during the live chat Q&A. Azure Open Source Day features a live chat where attendees can ask the experts their questions and get detailed answers.

Learn more

Don't miss out on the opportunity to learn about the latest AI capabilities on Azure and how Microsoft is leveraging open-source technologies to drive innovation. Register for Azure Open Source Day for Azure Open Source Day today and join us Tuesday, March 7, 2023, 9:00 AM–10:30 AM Pacific Time.
Quelle: Azure