Hello Folks,
Azure Networking is the foundation of your infrastructure in Azure. Each month we bring you an update on What’s new in Azure Networking.
In this blog post, we’ll cover what's new with Azure Networking in April 2024. In this blog post, we will cover the following announcements and how they can help you.
With this GA release, you can more easily manage TLS certificates for your Application Gateway workloads in the Azure Portal.
The Azure Application Gateway is a proxy load balancer that operates at Layer-7, the application layer of the OSI model. Now it supports Layer-4 proxy with TCP and TLS protocols as well. This provides scalable, highly available, and secure application delivery. One of its key features is the ability to secure client traffic through TLS termination, which requires TLS server certificates for listeners. For large gateways with multiple HTTPS or TLS listeners, this means managing multiple .PFX certificates.
Managing certificates in any organization can be a challenge. This is a great addition for reducing friction for admins responsible for secure workloads utilizing certificates.
References:
Application Gateway for Containers is GA. With this release, you get application (layer 7) load balancing and dynamic traffic management capabilities for workloads running in a Kubernetes cluster.
Application Gateway for Containers is the evolution of the Application Gateway Ingress Controller (AGIC), a Kubernetes application that enables Azure Kubernetes Service (AKS) customers to use Azure's native Application Gateway application load-balancer. In its current form, AGIC monitors a subset of Kubernetes Resources for changes and applies them to the Application Gateway, utilizing Azure Resource Manager (ARM).
We are announcing that IPv6 support for Azure Application Gateway (v2) is now generally available.
With the addition of IPv6 support, you can take advantage of the increased address space and improved routing efficiency that IPv6 provides. This is especially important for customers who are running out of IPv4 addresses or who need to support IPv6 clients.
To get started with IPv6 support for Azure Application Gateway (v2), simply create a new Application Gateway and select both IPv4 and IPv6 frontends during the creation process. You can also find more information about IPv6 support in our documentation.
References:
Retina is an open-source Kubernetes Network Observability platform designed to assist with DevOps, SecOps, and compliance use cases. It acts as a centralized hub for monitoring the health, security, and performance of applications and networks within Kubernetes clusters. The platform caters to Cluster Network Administrators, Cluster Security Administrators, and DevOps Engineers.
Resources:
Azure Virtual Network encryption now in additional regions
Whenever Azure customer traffic moves between datacenters, Microsoft applies a data-link layer encryption method using the IEEE 802.1AE MAC Security Standards (MACsec). This encryption is implemented to secure the traffic outside physical boundaries not controlled by Microsoft or on behalf of Microsoft. This method is applied from point-to-point across the underlying network hardware. Virtual network encryption enables you to encrypt traffic between Virtual Machines and Virtual Machines Scale Sets within the same virtual network. It also encrypts traffic between regionally and globally peered virtual networks. Virtual network encryption enhances existing encryption in transit capabilities in Azure.
With Virtual Network encryption, customers can enable encryption of traffic between Virtual Machines and Virtual Machines Scale Sets within the same virtual network and between regionally and globally peered virtual networks. This new feature enhances the existing encryption in transit capabilities in Azure.
Azure Virtual Network encryption is available in the following additional regions:
That’s it for this month.
Cheers
Pierre
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.