IT Innovators: Microsoft’s Multi-Year Azure Journey Promises "Big Things" for Your Networks

IT Innovators: Microsoft’s Multi-Year Azure Journey Promises "Big Things" for Your Networks

It’s day 4 of Microsoft Ignite and there’s been a lot to take in. Maybe you’ve been able to attend some of the sessions or maybe you’ve just streamed them from your home or office. Either way, there’s likely a lot more you can learn! Each session was recorded and is available at

The room for Platform & Strategy (3 of 7): Networking Overview was full to capacity. If you are an IT professional currently using Azure, considering using Azure as your cloud computing platform, or looking to learn about Microsoft’s plans for datacenter networking, you need to check out this session.

The first part of the session drew a picture of Azure as a networking solution on a multi-year journey; the result of which is that today, Azure is informed by three key pillars: hyper-scale, enterprise-grade and hybrid.

When it comes to Azure’s scale, take a look at the stats. Azure has a global footprint of 19 compute regions, with each region comprising many data centers—that’s more than AWS and Google Cloud combined. It supports terabytes of storage transactions and services, and 425 million Azure Active Directory users with 20 million SQL Database hours used every day. It’s hyper-scale, with 85 Internet Exchange Points (iXP’s - with 4400+ connections to 1695 networks), and 1.4 million miles of fiber in global data centers. Microsoft could literally wrap the earth four times around with the amount of fiber-optic cabling it has in North America alone.

This hyper-scale is critical because at the end of the day you can build all you want in the cloud, but if you can’t connect to it there’s a problem. And the status-quo (i.e., non-software-defined networking) won’t get you there. With status quo, cloud operators will inhibit their customers from being able to have the flexibility they already have in their enterprise data centers. Azure’s big scale is essentially your guarantee that when you connect to an application, whether from your phone in say, a conference session, or in your car, you’re going to connect to the Internet through some ISP and quickly hit the Microsoft backbone.

Next, the session went on to explain how Microsoft is shifting the way networks are built; from proprietary custom hardware to a Software-Defined Network (SDN) stack, and gave the audience details on what that the Azure network looks like and how it works. In Azure you define your virtual networks (VNs), which reside in one of those regions I mentioned earlier. You can have as many networks as you want, since the scale is so large, and you can segment them as you see fit. You can then access them through the Internet and that’s where the exchange points come in; they get you there quickly. You can also have backend connectivity to on-premises, to infrastructure you already have. This also works in the gateway and in private; not everything in Azure has to be public.

You also need a way to reach your Virtual Machines (VMs); your networks in the cloud. You can go through the Internet, granted, but you can also now bypass the Internet altogether with ExpressRoute, a private, dedicated high-throughput network connection to Microsoft. ExpressRoute doesn’t just connect to Azure, but to all Microsoft services like Office 365 and Skype for Business.

Azure’s security options for cloud services and VMs range from infrastructure support (e.g., a highly scalable DDoS prevention system) to features like a VM Firewall, NSG, Virtual Network Isolation, and ACLs; all of which can be combined as you see fit—everything you already use in your enterprise datacenter today. Azure accomplishes this using security and network virtual appliances (VMs that perform specific network functions); many of which you’re likely already familiar with.

Another security feature, Network Security Groups, allows you to define network ACLs for each subnet within a VN. You can define ACLs on the whole subnet or any given VM in a subnet. And, you can define the whole subnet in such a way that when VMs scale up or scale down, the ACLs are automatically applied to the whole subnet.  That’s all part and parcel with adopting an SDN approach to infrastructure.

To make things easier for IT professionals to adopt this vision, Microsoft is publishing templates that can be used to describe this big picture—to configure the network—and they are executable. All you have to do is click on them and they instantiate the network in the cloud in a matter of minutes.

All of this is available today. What’s coming in the very near future is the ability to link what customers have been using on-premise with the cloud. You’ll be able to decide how to apply all of this for your networks on-premise, in the cloud, or more likely, employ a hybrid of the two.

Big scale, enterprise focus and expanding what it offers on-premise to the cloud, all playing a vital role in a cloud-inspired infrastructure–that was Microsoft’s message in a nutshell. Oh yes, there were also a number of demos designed to illustrate how the Azure hybrid solution works and what you can do with it today and in the future. To learn more, view the session in its entirety at

This blog about storage and networking is sponsored by Microsoft.

Cheryl J. Ajluni is a freelance writer and editor based in California. She is the former Editor-in-Chief of Wireless Systems Design and served as the EDA/Advanced Technology editor for Electronic Design for over 10 years. She is also a published book author and patented engineer. Her work regularly appears in print and online publications. Contact her at [email protected] with your comments or story ideas.



Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.