Azure VM and Blob Storage Prices Reduction, Azure MFA, SSE for File Storage Preview

New lower prices on Azure Virtual Machines and Blob Storage, Preview of Azure MFA cloud based protection for on-premises VPNs, SSE automatic data encryption for File Storage.

Share online:

Significant prices reduced on several Azure Virtual Machine families and Storage types on Monday, to further lower the barrier to entry for customers and to accelerate cloud transformation.

For Azure Virtual Machines, prices are reduced on Compute optimized instances – F Series, General purpose instances – A1 Basic by up to 24 percent and 61 percent, respectively, says Azure director product marketing.

For Azure Storage offerings – Hot Block Blob Storage and Cool Block Blob Storage prices have been reduced by up to 31 percent and 38 percent, respectively.

The two table below shows an example of the VM and Storage price reductions in UK South:

"These new prices are only available to customers using Azure Blob Storage Accounts. Customers who are on the General Purpose Blob Storage can take advantage of these prices by moving data from General Purpose Blob to Azure Blob Storage account using tools such as AZ copy," writes the team.

Azure Windows and Linux VMs Price Reduction

Azure Windows and Linux VMs Price Reduction

Azure Blob Storage Price Reduction

Azure Blob Storage Price Reduction

Cloud-based Multi-factor authentication (MFA) safeguards data while giving users a simple sign-in process, traditionally don't support RADIUS authentication protocol, and as a result, customers had to deploy MFA Servers on-premises for securing on-premises clients such as VPN.

On Monday, a public preview of network policy server (NPS) extension support for Azure MFA, closes this gap, "adds the ability to secure RADIUS clients using cloud-based MFA," writes program manager on Azure AD team.

The following diagram illustrates the high-level authentication request flow:

Diagram illustrates NPS Extension for Azure MFA

Diagram illustrates NPS Extension for Azure MFA

NPS Extension for Azure MFA includes following components:

  • User/VPN Client initiates authentication request.
  • NAS Server/VPN Server receives requests from VPN clients and converts them into RADIUS requests to NPS servers.
  • NPS Server connects to Active Directory for primary authentication for RADIUS requests and, if successful, pass the request to any installed NPS extensions.
  • NPS extension triggers an MFA request to Azure cloud-based MFA to perform the secondary authentication. Once it receives the response, and if the MFA challenge succeeds, it completes the authentication request by providing the NPS server with security tokens that include an MFA claim issued by Azure STS.
  • Azure MFA communicates with Azure AD to retrieve user's details and performs secondary authentication using a verification method configured for the user, writes the team.

To get started, download and install the NPS extension for Azure MFA from the Microsoft Download Center.

Custom domain HTTPS support, a simplified end-to-end workflow with Azure CDN is now available, carries complete certificate management but no additional cost.

"It's critical to ensure the privacy and data integrity of … sensitive data while it is in transit. Using the HTTPS protocol ensures that your sensitive data is encrypted when it's sent across the Internet. Azure CDN has supported HTTPS for many years, but was only supported when you used an Azure provided domain," writes program manager for Azure Media Services.

custom domain https support via azure cdn

Custom domain HTTPS support via Azure CDN

Here're some key attributes of custom domain HTTPS:

  • No additional cost: There are no costs for certificate acquisition or renewal and no additional cost for HTTPS traffic. You just pay for GB egress from the CDN.
  • Simple enablement: One click provisioning is available from the Azure portal.
  • Complete certificate management: All certificate procurement or management is handled for you. Certificates are automatically provisioned and renewed prior to expiration. This completely removes the risks of service interruption as a result of a certificate expiring, writes azure team.

SQL Data Warehouse now supports seamless integration with Azure Data Lake Store, thus enable you to directly import or export data from ADLS into Azure SQL Data Warehouse (SQL DW) using External Tables.

"ADLS is a purpose-built, no-limits store and is optimized for massively parallel processing. With SQL DW PolyBase support for ADLS, you can now load data directly into your SQL DW instance at nearly 3 TB per hour," writes the team. Because "SQL DW can now ingest data directly from Windows Azure Storage Blob and ADLS, you can now load data from any storage service in Azure." This provides you with the flexibility to choose what is right for your application.

sql data warehouse integration with azure data lake store

SQL Data Warehouse integration with Azure Data Lake Store

Look at the best Practices for loading data into SQL DW from Azure Data Lake Store:

  • Co-locate the services in the same data center for better performance and no data egress charges.
  • Split large compressed files into at least 60 smaller compressed files.
  • Use a large resource class in SQL DW to load the data.
  • Ensure that your AAD Application has read access from your chosen ADLS Directory.
  • Scale up your DW SLO when importing a large data set.
  • Use a medium resource class for loading data into SQL DW.

The preview of Storage Service Encryption (SSE) for Azure File Storage, allowing automatic encryption of data, became available Monday.

During preview, the feature can only be enabled for newly created Azure Resource Manager (ARM) Storage accounts using the Azure Portal.

"We plan to have Azure Powershell, Azure CLI or the Microsoft Azure Storage Resource Provider API for enabling encryption for file storage by end of February," the team said.

There is no additional charge for enabling this feature.

"IT organizations can lift and shift their on premises file shares to the cloud using Azure Files, by simply pointing the applications to Azure file share path. Thus, enterprises can start leveraging cloud without having to incur development costs to adopt cloud storage," writes a program manager for Azure Storage.

The Continuous Delivery Tools for Visual Studio, is a new extension for Visual Studio 2017 that brings DevOps capabilities to the IDE. The extension helps quickly setup a dev or test environment that builds, tests and deploys your app on every Git Push.

With the extension, "you can setup an automated build, test, and release pipeline on Visual Studio Team Services, for an ASP.NET 4 and ASP.NET Core application targeting Azure. You can then monitor pipeline with notifications in the IDE that alert you to build failures on any CI run," the team explained.

For more on key features and walk through to configure, check out this getting started guide.

continuous delivery pipeline for asp.net 4 and asp.net

Continuous Delivery pipeline for ASP.NET 4 and ASP.NET

In other news, new Git Virtual File System (GVFS) introduced to scale to repositories of any size on Monday, which virtualizes the file system beneath a repository, and makes it appear as though all the files in the repository are present, but only downloads a file the first time it is opened.

Bio Model Analyzer, a cloud-based tool for biological research is now available on GitHub, that allows biologists to model how cells interact and communicate with each other.

"'Bio Model Analzyer', avaailable as an open source creates computerized models that allow researchers to compare the normal processes of healthy cells to the abnormal processes that occur when disease strikes," writes Jasmin Fisher, a senior lead researcher.

The ability to do this kind of work "in silico" — or using computers instead of more traditional models — "allows the researchers to quickly test many more possibilities than were previously possible." That, in turn, can speed up research in areas like drug interaction and resistance, and it could eventually provide patients with more personalized and effective cancer treatments, Fisher says.

Update 02/08: Microsoft just shared the most-recently published Virtual Machines (VM) images from December through January available now for Microsoft Azure Government customers.

  • ESRI Enterprise 10.5
  • Cisco ASAv 4 Nic
  • WindowsServer-HUB2008-R2-SP1-HUB
  • WindowsServer-HUB2012-Datacenter-HUB
  • WindowsServer-HUB2012-R2-Datacenter-HUB
  • WindowsServer-HUB2016-Datacenter-HUB
  • UbuntuServer17.04-DAILY*
  • CentOS7.3
  • SUSE Linux Enterprise Server for SAP Applications 12 SP1 (Bring Your Own Subscription)

* This sku is Powershell/classic Portal only, same in Azure Public.

Published in December:

  • SQL Server 2016 SP1-Windows Server 2016
    • Standard
    • Enterprise
    • Developer
    • Web
    • BYOL Standard
    • BYOL Enterprise
  • SQL Server 2014 SP2-Windows Server 2012 R2
    • BYOL Standard
    • BYOL Enterprise
  • Visual Studio 2017 Community RC on Windows Server 2012 R2 (x64)
  • Visual Studio 2017 Enterprise RC on Windows Server 2012 R2 (x64)
  • SUSE Linux Enterprise Server 12 SP2 (Bring Your Own Subscription)
  • SUSE Linux Enterprise Server 12 SP2
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2 (Bring Your Own Subscription)
  • SUSE Linux Enterprise Server 11 SP4