Microsoft Introduces Azure IoT Hub IP Filter, Adds New Features to IoT Suite

Azure Disk Encryption generally available to Azure Government, new features to Azure IoT Suite, Azure IoT Hub Device Management hits GA.

Share online:

Azure IoT Suite that give customers more ways to extend, manage and monitor their IoT solutions, received new features and functionality such as enhancements to Azure IoT Gateway SDK, giving customers even more flexibility in how they design and deploy IoT solutions, from the datacenter to the very edge of the network.

Azure IoT Hub IP filter introduced today, is an important security feature that enables customers to configure IP filtering rules for their IoT Hub. It allows maximum 10 rules each rejecting or accepting an individual IPv4 address or a subnet using the CIDR-notation format.

"You can instruct IoT Hub to only accept connections from certain IP addresses, reject certain IP addresses or a combination of both," writes Azure team.

Administrators can easily configure IP filtering rules for their IoT Hub, and the rules apply any time a device or a back-end application is connecting on any supported protocols (currently AMQP, MQTT, AMQP/WS, MQTT/WS, HTTP/1). "Any application from an IPv4 address that matches a rejecting IP rule receives an unauthorized 401 status code without specific mention of the IP rule in the message," wrties team Azure.

The following illustration shows how to blacklist and whitelist an IP address on a subnet:

Azure IoT Hub IP Filter: Illustration Blacklist and Whitelist IP

Azure IoT Hub IP Filter: Illustration Blacklist and Whitelist IP

Azure disk encryption for Windows and Linux IaaS VMs in Azure Government cloud regions generally available today enable customers to protect the OS and data disk at rest using industry standard encryption technology.

The following customer scenarios are supported (verbatim):

  • Enable encryption on new IaaS VMs created from pre-encrypted VHD and encryption keys
  • Enable encryption on new IaaS VMs created from the Azure Gallery images
  • Enable encryption on existing IaaS VMs running in Azure
  • Disable encryption on Windows IaaS VMs
  • Disable encryption on data drives for Linux IaaS VMs

The solution supports the following for IaaS VMs when enabled in Microsoft Azure:

  • Integration with Azure Key Vault
  • Standard tier VMs – A, D, DS, G, GS etc series IaaS VMs
  • Enable encryption on Windows and Linux IaaS VMs
  • Disable encryption on OS and data drives for Windows IaaS VMs
  • Disable encryption on data drives for Linux IaaS VMs
  • Enable encryption on IaaS VMs running Windows Client OS
  • Enable encryption on volumes with mount paths
  • Enable encryption on Linux VMs configured with Software-based RAID system
  • Enable encryption on Windows VMs configured with Storage Spaces
  • All Azure Gov regions are supported, writes Azure team.

General available today, Azure IoT Hub device management capabilities that enable IoT developers, administrators and operators to organize, monitor, query, configure and update software and firmware configurations across billions of geographically dispersed and cross-platform devices.

New available to customers include:

  • Device Twin – The digital representation of your physical devices that allows synchronization of device conditions and operator configuration between the cloud and device.
  • Direct Methods – Apply a direct, performant action on a connected device through the cloud.
  • Jobs - Broadcast and schedule device twin changes and methods to scale management operations across millions of devices.
  • Queries – Create real-time, dynamic reports across device twins and jobs to attest status and health for entire device collections whether your devices are on or offline.

Today, the public preview of Service Map, a new solution in Operations Management Suite Insight & Analytics that help you gain control over your hybrid cloud. It supports Windows and Linux guests, in any cloud and on-premises, discovering dependencies for any TCP-connected process running in those guests.

Also, three new Azure enhancements enabling to run the largest enterprise workloads such as: larger scale instances now 'offering 4TB on a single node for OLTP scenarios and 32 TB for multi-node scale-out OLAP deployments, both available in December 2016, writes Azue team.

Starting today, Azure will now offer an SLA availability commitment on single instance VMs. Prior this announcement, the virtual machine availability SLA required at least two instances, which presented challenges for some existing on-premises workloads that could not scale-out or where scale and management were expensive and cumbersome.

Also available now several Microsoft Hybrid Use Benefit (HUB) Azure gallery images. AHUB is where customers can use on-premises Windows Server licenses that include Software Assurance to run Windows Server virtual machines on Azure with significant cost savings

Azure Disk Encryption for Windows and Linux IaaS (Infrastructure as a Service) VMs in Azure Government cloud regions is now generally available, enabling customers to protect the OS and data disk at rest using industry standard encryption technology.

Azure Disk Encryption leverages the industry standard BitLocker feature of Windows and the DM-Crypt feature of Linux to provide OS and data disk encryption to help protect and safeguard your data. It also can help you meet organizational security and compliance commitments.