Ephemeral OS Disk with full caching for VM and VM scale sets overview

Hello everyone,

Performance optimization is a common objective when designing cloud infrastructure. In Azure, one of the techniques available for improving VM startup speed and disk performance is the use of Ephemeral OS Disks.

A recent enhancement introduces the ability to use full caching with Ephemeral OS Disks for Virtual Machines and VM Scale Sets, offering improved performance characteristics for specific workload scenarios.

Continue reading “Ephemeral OS Disk with full caching for VM and VM scale sets overview”

Updates to Default Rule Set 2.2 in Azure Application Gateway WAF

Hello everyone,

Web application protection is a fundamental component of modern cloud architectures. In Azure environments, the Web Application Firewall (WAF) for Application Gateway plays a central role in protecting applications against common threats such as SQL injection, cross-site scripting, and other web-based attacks.

With the release of Default Rule Set (DRS) 2.2, Azure introduces several improvements that help organizations strengthen their protection strategies while maintaining operational flexibility.

Continue reading “Updates to Default Rule Set 2.2 in Azure Application Gateway WAF”

Implementing Draft and Deploy workflows in Azure Firewall

Managing network security policies in large Azure environments requires careful control over how changes are introduced. Firewall configurations directly impact traffic flow, application availability, and security posture, which means even small changes must be handled with precision.

The Draft and Deploy workflow in Azure Firewall introduces a structured approach to policy management, allowing teams to prepare, validate, and safely apply configuration changes.

Continue reading “Implementing Draft and Deploy workflows in Azure Firewall”

Azure confidential VM series overview (DCesv6 and ECesv6)

Hello everyone,

Security requirements for cloud workloads continue to evolve, especially for organizations handling sensitive data. To address these needs, Azure provides Confidential Virtual Machines, which add hardware-based protections to help secure data while it is being processed.

The DCesv6 and ECesv6 VM series represent the latest generation of Azure confidential compute options, designed to provide stronger protections for sensitive workloads running in the cloud.

Continue reading “Azure confidential VM series overview (DCesv6 and ECesv6)”

WAF Insights for Application Gateway overview

Hello everyone,

Operating web-facing applications in the cloud usually means combining load balancing, application delivery, and security controls. In Azure, Application Gateway with Web Application Firewall (WAF) is commonly used to protect web workloads from common threats while routing traffic to backend services.

A new capability called WAF Insights introduces improved visibility into how the firewall is operating and how web traffic interacts with security policies.

Continue reading “WAF Insights for Application Gateway overview”

Technical overview of the Azure virtual network routing appliance

As Azure environments continue to grow in complexity, networking architectures increasingly require more advanced traffic control and routing capabilities. Enterprise environments often integrate multiple connectivity models such as virtual networks, hybrid connectivity, security appliances, and multi-tier application platforms.

The concept of a Virtual Network Routing Appliance in Azure introduces a new way to handle routing behavior inside complex network topologies. It allows architects to define more flexible traffic control patterns while maintaining centralized visibility over how traffic flows between workloads.

Continue reading “Technical overview of the Azure virtual network routing appliance”

Azure AMD Turin VM series overview

Hello everyone,

Azure continues to expand its compute portfolio with new processor generations designed to improve performance and efficiency. One of the latest additions is the Azure AMD Turin VM series, which brings a new option for organizations looking to run demanding compute workloads on modern infrastructure.

For teams evaluating new VM families, this is an update worth paying attention to.

Continue reading “Azure AMD Turin VM series overview”

Overview of StandardV2 NAT Gateway with zone-redundancy

Hello everyone,

Outbound connectivity is an essential component of most cloud architectures. Many workloads running in Azure require controlled access to external services, software repositories, APIs, and update platforms.

The StandardV2 NAT Gateway introduces improvements that simplify outbound connectivity design while also supporting more resilient architectures through zone-redundancy.

Continue reading “Overview of StandardV2 NAT Gateway with zone-redundancy”

Operational insights on StandardV2 NAT Gateway with zone redundancy

Outbound connectivity is a fundamental aspect of many Azure workloads. Virtual machines, containers, and platform services often require controlled access to the internet for updates, API integrations, or external services.

Azure NAT Gateway has long provided a scalable and managed way to handle outbound connectivity. With the introduction of the StandardV2 NAT Gateway, organizations gain additional operational capabilities and improved support for resilient network architectures.

Continue reading “Operational insights on StandardV2 NAT Gateway with zone redundancy”

Using the Azure pricing calculator for cloud-native Kubernetes workloads

Hello everyone,

Estimating infrastructure costs is a key step when designing cloud-native architectures. In environments that rely on Kubernetes, understanding the cost impact of compute, networking, and storage components becomes especially important.

The Azure Pricing Calculator provides a practical way to estimate the expected costs of running Kubernetes-based workloads in Azure before resources are deployed.

Continue reading “Using the Azure pricing calculator for cloud-native Kubernetes workloads”