In his recent post, “Sovereign Private Cloud: Resiliency, Security, and Control for Your Critical Workloads”, Douglas Phillips explored Microsoft’s vision for enabling digital sovereignty across critical industries and government sectors. His message was clear: Microsoft’s cloud innovation will be defined not just by scalability and performance but by offering customers control, autonomy, and jurisdictional assurance.
With Azure Local and Microsoft 365 Local, Microsoft is turning that vision into a deployable reality. Together, they form the Sovereign Private Cloud, a comprehensive, customer-operated platform designed for organizations that must meet strict sovereignty requirements without compromising on modernization, productivity, or security.
While our Sovereign Public Cloud offers extensive sovereign controls and is designed to meet the needs of most customers, the Sovereign Private Cloud is purpose-built for extraordinary scenarios where operational control over data infrastructure is non-negotiable.
For technical leaders, architects, and IT strategists, this blog takes that conversation one step further – offering a closer look at how this solution is deployed, what it enables, and how it meets real-world operational needs.
Azure Local: The Foundation for Customer-Controlled Cloud
Azure Local is a first party Azure environment brought directly into customer’s physical control. It enables organizations to run Azure services on-premises or in field-deployed infrastructure with full operational autonomy. Built on the same core architecture as Azure and extended through Azure Arc, Azure Local delivers a consistent, secure, and scalable experience for workloads that cannot run in the public cloud due to regulatory, connectivity, or sovereignty constraints.
Through Azure Arc, Azure Local supports a robust set of Infrastructure as a service (IaaS) capability that operates across connected, intermittently connected, and fully disconnected environments. Customers can deploy and manage Windows and Linux based Arc enabled virtual machines (Azure Local VM), operate Kubernetes clusters with Arc-enabled AKS, and provision software-defined networking for workload isolation. Persistent storage, policy enforcement, and identity integration are supported. And, in connected scenarios, Azure Monitor and Microsoft Defender for Cloud extend cloud-native visibility and security to local infrastructure.
Most importantly, these capabilities are all managed using the same tools and APIs as public Azure allowing organizations to apply governance policies and enable compliance without sacrificing performance or sovereignty. And when operating in disconnected mode, Azure Local runs in “local-first” configuration, helping to ensure resiliency and business continuity so that services remain functional, secure, and consistent – even in disconnected or restricted environments.
Microsoft 365 Local: Sovereign Productivity, Delivered Securely
Built on the Azure Local infrastructure, Microsoft 365 Local enables organizations to deploy key collaboration and communication products – Exchange Server, SharePoint Server, and Skype for Business Server, entirely within their sovereign environment. This solution is designed for industries that need to ensure their data such as emails, documents, chats remain under local jurisdiction, even when offline or disconnected from public networks.
Microsoft 365 Local uses validated reference architectures optimized for Azure Local and integrates directly into Azure infrastructure control plane. This allows customers to manage their infrastructure stack, using the familiar Azure policy controls, monitoring tools, and automation workflows. Microsoft 365 Local will allow customers to run the Subscription Edition (SE) version of the server productivity products on Azure Local.
With the introduction of Sovereign Private Cloud and Microsoft 365 Local, we are expanding our commitment to support our core server products, such as Exchange Server, SharePoint Server, and Skype for Business Server, through at least 2035 (LINK). This will allow our customers to confidently build their long-term plans and maintain operational continuity, knowing that their workloads will remain supported. Server productivity products will continue to be supported when deployed with Microsoft 365 as part of the Sovereign Private Cloud or as standalone solutions. Microsoft intends to maintain support for SE versions or comparable capabilities under the Modern Lifecycle Policy; however, future versions or configurations may vary and could be subject to additional terms.
With Microsoft 365 Local, organizations no longer need to choose between modern productivity and sovereign controls. They can have both, deployed securely on infrastructure they own, with full operational visibility and lifecycle control.
Enabling Secure, Modern, and Unified Operations
The real power of the Sovereign Private cloud lies in its ability to unify the modern cloud model with operational independence. Organizations can consolidate infrastructure, productivity, and governance under a single, integrated platform, eliminating the need for fragmented third-party solutions or legacy systems.
From an operational perspective, Azure Arc enables a single consistent infrastructure control plane that spans across public cloud, hybrid, and disconnected environments. IT administrators can manage infrastructure from Azure portal or Azure Command Line Interface (Azure CLI), enforce compliance policies, deploy security updates, and monitor workloads, within cloud native tooling. At the same time, critical data never leaves the customer’s environment unless explicitly allowed, helping to ensure strict control over residency, access, and telemetry.
This unified platform approach can help reduce operational overhead and enables faster time-to-value. Admins no longer need to juggle multiple systems for infrastructure, collaboration, and security. Instead, they gain a streamlined foundation for delivering innovation securely, even in highly regulated or mission-critical scenarios.
Planning Ahead for Sovereign Modernization
For organizations navigating national regulations, defense protocols, or sector-specific compliance mandates, the Sovereign Private Cloud offers a clear path forward. It allows customers to modernize infrastructure and collaboration systems while maintaining full control over their digital sovereignty posture.
Getting started begins with understanding your operational requirements – connectivity models, compliance objectives, and support needs. From there, Microsoft provides guidance on procuring validated hardware, deploying Azure Local clusters, and integrating Microsoft 365 Local using existing or new licenses and support models. Certified Microsoft AI Cloud partners will support deployment, configuration, and offer ongoing managed services. You can learn more about Azure Local deployment requirements here.
With a long-term commitment to Microsoft 365 server products support and consistent feature update across Azure Arc and Azure Local, Microsoft is enabling customers to move forward with confidence – on their timeline, within their boundaries, and with the support they need to sustain critical operations.
In Closing
Digital sovereignty isn’t a single destination – it’s a journey defined by choice, control, and capability. With Azure Local and Microsoft 365 Local, Microsoft is delivering a sovereign-ready cloud platform that supports both the infrastructure and productivity needs of today’s most security-conscious organizations. If your organization is interested in participating in the Sovereign Private Cloud preview, you can sign up here to express interest and receive more information from Microsoft and our partner ecosystem.
Microsoft