Operational insights on StandardV2 NAT Gateway with zone redundancy

Outbound connectivity is a fundamental aspect of many Azure workloads. Virtual machines, containers, and platform services often require controlled access to the internet for updates, API integrations, or external services.

Azure NAT Gateway has long provided a scalable and managed way to handle outbound connectivity. With the introduction of the StandardV2 NAT Gateway, organizations gain additional operational capabilities and improved support for resilient network architectures.

Continue reading “Operational insights on StandardV2 NAT Gateway with zone redundancy”

Using the Azure pricing calculator for cloud-native Kubernetes workloads

Hello everyone,

Estimating infrastructure costs is a key step when designing cloud-native architectures. In environments that rely on Kubernetes, understanding the cost impact of compute, networking, and storage components becomes especially important.

The Azure Pricing Calculator provides a practical way to estimate the expected costs of running Kubernetes-based workloads in Azure before resources are deployed.

Continue reading “Using the Azure pricing calculator for cloud-native Kubernetes workloads”

Understanding FIPS compliant mode for Application Gateway v2

Security and regulatory compliance are key considerations when designing enterprise architectures in Azure. Many industries, including government, finance, and healthcare, must follow strict cryptographic standards to ensure that sensitive data is processed using validated security mechanisms.

To support these requirements, Azure Application Gateway v2 introduces a FIPS compliant mode. This capability enables organizations to enforce cryptographic operations that align with the Federal Information Processing Standards (FIPS).

Continue reading “Understanding FIPS compliant mode for Application Gateway v2”

Understanding the storage performance capabilities of Ebsv6 VMs

As cloud workloads continue to evolve, storage performance has become a critical factor in infrastructure design. Many modern applications depend not only on CPU and memory resources, but also on the ability to process large volumes of data with low latency.

The Azure Ebsv6 virtual machine series introduces improvements specifically focused on storage performance, making it a compelling option for workloads that require high disk throughput and large I/O operations.

Continue reading “Understanding the storage performance capabilities of Ebsv6 VMs”

Getting started with DNS flow trace logs for Azure Firewall

Hello everyone,

DNS is one of those services that quietly sits behind almost every application workflow. Even when everything else looks healthy, DNS behavior can often explain connectivity issues, unexpected traffic paths, or security concerns that are not immediately visible at the network layer.

That is why the introduction of DNS flow trace logs for Azure Firewall is a very useful improvement for day-to-day operations.

Continue reading “Getting started with DNS flow trace logs for Azure Firewall”

Design patterns for high scale Private Endpoints in Azure

Private connectivity has become a central element of secure cloud architectures. As organizations increasingly adopt platform services in Azure, controlling how those services are accessed from internal workloads becomes an important architectural concern.

Azure Private Endpoints provide a mechanism to expose platform services through private IP addresses within a virtual network. Instead of accessing services through public endpoints, workloads communicate with them privately through the Azure backbone network.

While this capability is straightforward for small environments, designing architectures that support large-scale Private Endpoint deployments introduces additional considerations.

Continue reading “Design patterns for high scale Private Endpoints in Azure”

Azure Firewall prescaling capabilities overview

Hello everyone,

Azure Firewall is widely used as a central security control in many enterprise network architectures. As environments grow and traffic patterns become more dynamic, maintaining predictable performance for inspection and filtering becomes increasingly important.

A recently introduced capability known as Azure Firewall prescaling helps address this challenge by allowing organizations to prepare firewall capacity ahead of expected traffic increases.

Continue reading “Azure Firewall prescaling capabilities overview”

Understanding Azure Spot Placement Score

Hello everyone,

Azure Spot Virtual Machines are widely used to run cost-optimized workloads by leveraging unused Azure compute capacity. While they can significantly reduce infrastructure costs, one of the challenges when working with Spot VMs is understanding where capacity is more likely to be available.

This is where the Azure Spot Placement Score becomes useful.

Continue reading “Understanding Azure Spot Placement Score”

Azure Compute Gallery Soft Delete feature overview

Hello everyone,

Managing VM images efficiently is an important part of operating large-scale Azure environments. Many organizations rely on Azure Compute Gallery to distribute standardized virtual machine images across regions, subscriptions, and environments.

To improve operational safety, Azure now includes a Soft Delete capability for Azure Compute Gallery, helping protect image repositories from accidental deletion.

Continue reading “Azure Compute Gallery Soft Delete feature overview”

Overview of the new Azure Network Security Hub experience

Hello everyone,

Managing network security across multiple Azure environments can quickly become complex. As organizations scale their cloud infrastructure, maintaining visibility over firewalls, network security groups, routing rules, and other controls becomes increasingly important.

To address this challenge, Microsoft introduced the Azure Network Security Hub, a centralized experience designed to simplify how security configurations are monitored and managed across Azure networking resources.

Continue reading “Overview of the new Azure Network Security Hub experience”