eduardokieling.com

Implementing Azure Virtual Network Manager IP address management

As Azure environments grow, managing IP address space becomes increasingly important. What starts as a small set of virtual networks can quickly evolve into dozens or even hundreds of interconnected networks supporting multiple applications, environments, and regions.

Without proper planning and governance, IP addressing can become fragmented, overlapping, and difficult to maintain. This is where Azure Virtual Network Manager introduces valuable capabilities that help organizations manage networking at scale.

One of the key areas where this service can bring operational improvements is IP address management and network planning across large Azure environments.

Draft and Deploy workflow in Azure Firewall explained

Hello everyone,

One of the challenges when managing network security at scale is ensuring that configuration changes are introduced in a controlled and predictable way. This becomes even more important when working with critical components such as Azure Firewall policies.

A recent improvement introduces a Draft and Deploy workflow, which helps bring more structure and safety to how firewall configurations are managed.

Resilient by Design: Azure Migrate Now Supports ZRS Disks

Hello Azure Community,

If high availability is a core part of your architecture strategy, there’s a new feature in public preview you should take note of — Azure Migrate now supports migration to Zone-Redundant Storage (ZRS) disks.

This enhancement means that during your migration journey, you can now directly target ZRS-enabled Premium SSD or Standard SSD disks for workloads that require zone-level resiliency. And the best part? Azure Migrate takes care of mapping and migrating eligible disks in supported regions.

ASR Now Supports Trusted Launch VMs on Linux: Secure, Compliant, and Generally Available

Hello Azure Community,

We’ve seen a steady evolution in Azure Site Recovery (ASR) when it comes to secure VM deployments — and now there’s another step forward: ASR support for Azure Trusted Launch VMs running Linux is now generally available.

If you work with high-compliance or security-sensitive workloads, you’ve probably already encountered Trusted Launch, which adds Secure Boot and virtual TPM (vTPM) to your Azure Generation 2 VMs. Until now, this kind of protection with ASR was only available for Windows-based VMs. That gap has been closed.

Azure Site Recovery Now Supports Premium SSD v2: Resilience Meets Performance

Hello Azure Community,

If you’re running critical workloads on Premium SSD v2 disks, there’s good news: Azure Site Recovery (ASR) now supports disaster recovery for VMs using Premium SSD v2, available in public preview.

This is a key step forward for those of us designing high-performance environments that still require robust business continuity strategies. You no longer need to compromise between performance and resilience — now you can have both.

Architecture considerations for Azure Quota Groups

As Azure environments grow, one of the less visible but critical challenges organizations face is controlling how compute resources are consumed across teams. Without proper governance, it is easy for subscriptions to hit limits unexpectedly or for certain workloads to consume more capacity than intended.

Azure Quota Groups introduce a structured way to manage and distribute quota across different workloads, teams, or environments. Instead of treating quotas as isolated limits per subscription, organizations can start thinking about quota management as part of a broader governance model.

Azure Migrate Adds Support for Ultra SSD: High-Performance Migration Just Got Better

Hello Azure Community,

Another solid improvement is now in public preview — and it’s one that’ll make a real difference for anyone migrating I/O-intensive workloads to Azure: Azure Migrate now supports Ultra SSD as a destination disk type.

For those managing high-performance applications — think SAP HANA, SQL Server, Oracle, or any workload with aggressive latency and throughput requirements — this update gives you the flexibility to bring that performance profile into Azure during migration, right from the start.

Live Resize for Azure Premium SSD v2 and Ultra Disks: Flexibility Without Downtime

Hello Azure Community,

There’s a new capability in public preview that I believe many of you will find both practical and cost-efficient: Live Resize for Premium SSD v2 and Ultra NVMe Disks.

If you’ve ever had to scale storage mid-deployment — or worse, plan for peak storage needs months in advance “just in case” — this is a feature that changes the game. You can now dynamically expand disk capacity with zero downtimefor your applications.

Implementing DNAT on Azure Firewall private IP address

Azure Firewall continues to evolve with capabilities that simplify the design of secure network architectures in Azure. One feature that has recently become generally available is the ability to configure Destination Network Address Translation (DNAT) using the firewall’s private IP address.

This capability may seem like a small enhancement at first glance, but it opens new architectural possibilities. In many enterprise environments, traffic flows do not always originate from the public internet. Instead, connections may come from internal networks, private connectivity environments, or hybrid infrastructures.

Supporting DNAT directly on the private IP address of Azure Firewall helps address these scenarios in a more flexible way.

Understanding Azure Private Subnet behavior and use cases

Hi everyone,

One of the topics that keeps coming up in conversations around secure Azure architectures is how to properly isolate workloads while still keeping connectivity manageable. A feature that plays an important role in this space is the concept of Private Subnets in Azure.

At first glance, it may seem like just another networking configuration, but when used correctly, private subnets can significantly improve how environments are segmented and secured.