Accelerating innovation in the diabetic foot market with Azure Health Data Services

This blog post has been co-authored by Sharlene Jerome, Manager of Marketing and Communications, Sensoria Health

This blog is part of a series in collaboration with our partners and customers leveraging the newly announced Azure Health Data Services. Azure Health Data Services, a platform as a service (PaaS) offering designed exclusively to support Protected Health Information (PHI) in the cloud, is a new way of working with unified data—providing care teams with a platform to support both transactional and analytical workloads from the same data store and enabling cloud computing to transform how we develop and deliver AI across the healthcare ecosystem.

According to the World Health Organization, over 422 million people suffer from diabetes. Diabetes is an emergency of epidemic proportions, and diabetic foot complications have one of the most painful effects—every 20 seconds, someone in the world loses a lower limb due to diabetes. The total worldwide cost of diabetic limb complications is estimated to be $46 billion, and in the US, direct costs associated with these complications exceed the cost of each of the five most expensive cancers.¹

From these staggering numbers, it is now obvious that connected footwear will play a major role in the future of diabetic care. As one of the most innovative applications of IoT in healthcare, remotely monitoring patients is essential to ensuring effective treatment, improving patient care, and reducing hospital readmission rates. This requires data to flow smoothly from patient to clinician, and from clinician to clinician. However, the currently siloed healthcare industry with data stored on-premises and lack of interoperability among these on-premises systems makes it difficult for clinicians to access data in a timely manner to proactively treat patients. And when diabetic foot ulcers can potentially cause the loss of limbs, the stakes are remarkably high for all parties involved.

Making real-world data accessible

To help better manage data in the cloud and enable healthcare organizations to access patient data in a timely and secure manner, Microsoft released Azure Health Data Services, a PaaS offering that is built on the global open standards Fast Healthcare Interoperability Resources (FHIR ®) and Digital Imaging Communications in Medicine (DICOM).

One of the biggest challenges in treating diabetic foot ulcers is the ability to monitor the patient’s progress when they are outside of the hospital. The inaccessibility of this data prevents clinicians from collaborating with patients to ensure they adhere to the clinical recommendations, thus reducing the effectiveness of treatment and care. With Azure Health Data Services, this data can now be accessed easily and in a timely manner by providers, giving patients the best chance to fight diabetic foot ulcers. Microsoft’s technology, alongside Sensoria’s innovative diabetic footwear, will enable the creation of a new category of solutions for podiatrists, which will not only provide valuable feedback to and from patients but also supply clinicians with the patient’s compliance and usage patterns for healing diabetic foot ulcers, supporting the goal of reducing the risk of occurrence.

As leaders in remote patient monitoring wearables and AI software solutions, Sensoria Health is already leveraging FHIR and Azure Health Data Services.

“There is no such thing as a "little" diabetes. Just like there is no such thing as a "little" cancer.”–Dr. David Armstrong, Professor of Surgery and Director, Southwestern Academic Limb Salvage Alliance (SALSA) at Keck School of Medicine, USC and Director, USC Center to Stream Healthcare in Place (#C2SHiP)

Sensoria’s diabetic footwear is a wonderful example of how Internet of Medical Things (IoMT) health data can be leveraged to improve clinical workflows and process valuable data to support both patient and clinician while making individualized care plans. Supported by Microsoft’s Azure Health Data Services, IoMT health data can be ingested from the Sensoria footwear and compiled to attain a valuable holistic view of a patient’s at-home care, knowledge of self-care, and care plan compliance. The IoMT health data coming from the footwear can be de-identified, compiled, and stored in Azure Health Data Services. Microsoft Azure Health Data Services is HITRUST CSF certified and helps organizations store PHI in accordance with HIPAA and GDPR requirements and meet Office for the National Coordinator for Health Information Technology (ONC) and US Centers for Medicare and Medicaid Services (CMS) mandates. Once stored in a standardized and interoperable format, the health data can be trended and tracked to visualize patterns and catch early warnings or allow for further analysis to support clinicians and treatment options. Sensoria Health leverages Azure IoT Central to connect the footwear and bring valuable IoMT data to the cloud—Azure Health Data Services helps manage IoMT data collected by the footwear to support the clinician for a more complete view of patient population, treatment compliance, daily treatment adherence scores, real-time behavioral feedback, and capture previous gaps in care and best practice.

Powered by Sensoria Core, a wearable sensor platform that is modular, self-contained, and fully integrated to provide highly accurate data, the Sensoria Diabetic Foot Ulcer Boot can measure adherence to whether the patient is wearing the boot, their level of activity, and adherence to the recommended clinician protocol. The clinician dashboard provided by the Sensoria Diabetic Foot Ulcer Boot offers a holistic view of their patient population. The dashboard is color-coded so that clinicians know which patients are at most risk due to non-adherence. In these cases, there is an escalation of care that can be identified, and the boot can be made irremovable.

Sensoria Health is excited to be a pioneer of this effort with global diabetic footwear partners such as Ossur, DARCO International, and Defender Operations.

“In the US, CMS is embracing remote patient monitoring and launching a new reimbursement model for remote therapeutic monitoring. Our partnership with Sensoria Health will place both of our companies in a leadership position for smart podiatry footwear products around the globe.”—Darrel Darby, CEO, DARCO International

“Combining Foot Defender® with the Sensoria ® Core is the marriage of modern manufacturing, advanced textiles, cutting edge engineering, and advanced electronics. Uniting these two leading-edge technologies produces a product that patients will want to wear and can assist them in monitoring activity and utilization, engaging patients in their care while empowering them to make changes in behavior.”—Dr. Jason Hanft, DPM, FACFAS, CEO and Founder, Defender

Do more with your data with Microsoft Cloud for Healthcare

Part of the Microsoft Cloud for Healthcare, Azure Health Data Services empowers health organizations to transform their patient experience, discover new insights with the power of machine learning and AI, and manage PHI data with confidence.

We look forward to being your partner as you build the future of health.

Learn more about Azure Health Data Services.
Learn more about Sensorial Health, or send a message to info@sensoriahealth.com.
Read our recent blog, “Microsoft launches Azure Health Data Services to unify health data and power AI in the cloud.”
Learn more about Microsoft Cloud for Healthcare.

®FHIR is a registered trademark of Health Level Seven International, registered in the U.S. Trademark Office and are used with their permission.

¹ WHO Library Cataloguing-in-Publication Data Global report on diabetes. 1. Diabetes Mellitus – epidemiology. 2. Diabetes Mellitus – prevention and control. 3. Diabetes, Gestational. 4. Chronic Disease. 5. Public Health. I. World Health Organization. ISBN 978 92 4 156525 7 (NLM classification: WK 810) © World Health Organization 2016 9789241565257_eng.pdf;jsessionid=27AFE586B882A75AA68600E65BD3E049 (who.int)
Quelle: Azure

Azure Health Data Services: Engineering product for partners

The healthcare industry has come a long way from putting pen to paper on a pharmacy script or clinical SOAP note to now, being able to deliver primary care in the emerging hospital at home. My career in the healthcare and life sciences (HLS) industry has spanned different roles including: a military clinician, life science entrepreneur, clinical research application scientist, and business leader. Currently, I head the Partner Alliances team for Microsoft’s global health and Life sciences Cloud and Data engineering and product group. Today, I consider myself an HLS generalist bridging the gap between engineering and the application of it in the wild. I look forward to continuing to listen to the needs, implement solutions, and partner with others to bring forward meaningful change in healthcare.

Last month, we launched Azure Health Data Services, a platform as a service (PaaS) offering designed exclusively to support Protected Health Information (PHI) in the cloud, built on the global open standards Fast Healthcare Interoperability Resources (FHIR)® and Digital Imaging Communications in Medicine (DICOM). Watching the team work to develop this product, I feel compelled to share how intentional our product team is at building healthcare technologies for an industry that is currently experiencing historically unprecedented transformation. We are deploying technology that can ingest, transform, and persist data, allowing our customers to use their data to span workflows from discovery research to clinical end points.1 The underlying technology enables our customers to engage in activities ranging from novel biomarker identification to virtual clinical decision support. For example, today our customers can combine cellular assay data, pathology data, molecular imaging, genomics, handwritten, voice, and text derived notes. With so much data, the goal is to enable our customers to derive insights from a single system of record, so that they can optimize the user experience for patient,  research and clinical workflows so that adherence to treatment increases, scientists gain faster contextual evidence to support their early discoveries and clinicians can spend more time focused on delivering healthcare without experiencing burnout and information overload. The bottom line is, when you can bring these data sets together in a meaningful way, you inherently increase your signal to noise ratio since you are no longer looking for a needle in a haystack; you are looking for a book in a library.

Five years ago, under the leadership of Peter Lee, Microsoft made a purposeful decision that enabled us to lead the way in cloud, data, AI, and innovation. In 2020, Microsoft won the Frost and Sullivan Best Practice Award for our commitment to global AI for healthcare IT growth, and our innovation and leadership in the industry. The Microsoft executive health leadership team realized that we needed a common standards-based platform for healthcare and life sciences data and a secure compliant environment for the industry to build on. To accomplish this, we would need to contribute to the interoperability momentum for FHIR® standard. We also knew we had to lead with partners that know the space better than we do.  We are now focused on building the most trusted, health data platform designed with security and compliance in mind, that is ready to ingest a variety of data types and standards, workflow accelerators, and scenario-specific features. Our hope is that this will enable our ecosystem of partners to push the last mile of innovation for our shared customers in provider, pharmaceutical, payor, and life sciences.
With our partners as the foundation of our business, we will maintain competitive velocity in such transformational times.

Our approach to building Azure Health Data Services has been to support our partners by building and managing the underlying cloud technology so they can remain focused on the front-line industry scenarios. We appreciate the intimate business propriety required to remain innovative and competitive. For this model to work, we must begin and end with the question “are we going to build, buy, or partner for this given product, feature, or capability?” These decisions are rigorous and informed by key industry opinion leaders, the partner ecosystem, and our leadership teams.

Taking inspiration from industry leaders

To support this thesis, we built Health Data Services Partner Alliances team. Our charter is to listen to industry leaders like Tom Arneman at EPAM, BJ Moore at Providence, and the broader trusted advisors across the Microsoft health and life sciences partnership ecosystem. This industry driven feedback challenged us to deliver interoperable, FHIR enabled services and partner led solutions. Partners like Redox, Onyx, 3Cloud, EPAM, SAS, Efferent, Teladoc and ZS Services have been instrumental in providing direct user feedback.

These solutions are coming to life with our mutual customers across the provider, payer and pharma industries. Together we are delivering diversified solutions across the HLS continuum that includes users like translational oncology clinical trial coordinators to care providers remotely accessing their patients. We have worked closely to evolve features with early movers that have deep expertise in multi-modal interoperability deployments, FHIR resource creation, MedTech eventing features for remote patient monitoring, and DICOM for imaging. Now we are scaling these managed services with global partners, their large enterprise HLS practices and industry leading ISV solutions. We are deploying a breadth motion and application toolset that will make it simpler for our partners to build new transactional and analytic SMART on FHIR and other applications on top of Azure Health Data Services.

These partners are the cornerstone of building solutions for the greatest challenges we see today and foresee in years to come. At Microsoft we focus on aligning with them on a defined customer and business opportunity, we then commit resources and appropriate enablement to deliver timely and measurable business value. When we execute in this way, our likelihood of optimized collaboration, product; market fit, market adoption, and long-term partnership is much greater.

Azure Health Data Services is built with the goal of enabling our customers to be able to do more with their health data. We want our partners to be able to provide them solutions to do so—solutions optimized for Azure, Microsoft Cloud for Healthcare and Azure Health Data Services which can help them transform patient experience, discover new insights, and accelerate innovation.

Learn more

Learn more about Azure Health Data Services.
Read our recent blog, “Microsoft launches Azure Health Data Services to unify health data and power AI in the cloud.”
Learn more about Microsoft Cloud for Healthcare.
Learn more about how health companies are using Azure to drive better health outcomes.

1EPAM Debuts New Cloud-Powered Digital Clinical Trials Platform.

®FHIR is a registered trademark of Health Level Seven International, registered in the U.S. Trademark Office and are used with their permission.
Quelle: Azure

Streamline Azure workloads with ExpressRoute BGP community support

In today’s globalized world, customers have started to maintain and expand their presence in the cloud across different geographic regions. With these increased deployments across Azure regions comes the increased complexity of customers’ hybrid networks. Establishing connectivity is no longer as simple as exchanging IP addresses between one pair of Azure regions and on-premises locations. Connectivity now requires additional configuration and reconfiguration of IP prefixes and route filters over time as the number of regions and on-premises locations grows. The introduction of Border Gateway Protocol (BGP) community support for Azure ExpressRoute, now in preview, lifts this burden for customers who connect privately to Azure. The support of this feature will also help simplify and unlock new network designs.

A brief overview of ExpressRoute

ExpressRoute lets customers extend their on-premises networks into the Microsoft Cloud over a private connection. With ExpressRoute, customers can connect to services in the Microsoft Cloud, including Microsoft Azure and Microsoft 365, without going over the public internet. An ExpressRoute connection provides more reliability, lower latency, and higher security than a public internet connection.

Globalized hybrid networks with ExpressRoute

A common scenario for customers to use ExpressRoute is to access workloads deployed in their Azure virtual networks. ExpressRoute facilitates the exchange of Azure and on-premises private IP address ranges using a BGP session over a private connection, enabling a seamless extension of customers’ existing networks into the cloud.

When a customer begins using multiple ExpressRoute connections to multiple Azure regions, their traffic can take more than one path. The hybrid network architecture diagram below demonstrates the emergence of suboptimal routing when establishing a mesh network with multiple regions and ExpressRoute circuits:

To ensure that traffic to Region A takes the optimal path over ExpressRoute Circuit 1, the customer could configure a route filter on-premises to ensure that Region A routes are only learned at the customer edge from ExpressRoute circuit 1, and not learned at all by ExpressRoute circuit 2. This approach makes the customer maintain a comprehensive list of IP prefixes in each region and have to regularly update this list whenever new virtual networks are added and private IP address space is expanded in the cloud. As the customer continues to grow their presence in the cloud, this burden can become excessive.

Simplifying routing with BGP communities

With the introduction of BGP community support for ExpressRoute, customers can easily grow their multiregional hybrid networks without the tedious work of maintaining IP prefix lists. A BGP community is a group of IP prefixes that share a common property called a BGP community tag or value. In Azure, customers can now:

Set a custom BGP community value on each of their virtual networks.
Access a predefined regional BGP community value for all their virtual networks deployed in a region.

Once these values are configured on customers’ virtual networks, ExpressRoute will preserve them on the corresponding private IP prefixes shared with customers’ on-premises. When these prefixes are learned on-premises, they are learned along with the configured BGP community values. For example, a customer can set the custom value of 12076:10000 on a virtual network in East US and then start receiving the virtual network prefixes along with the values of 12076:1000 and 12076:50004 (the regional value) on-premises. Customers can then configure their route filters based on these community values instead of by specifying IP prefixes.

With the ability to make routing decisions on-premises based on BGP communities, customers no longer need to maintain IP prefix lists or update their route filters each time they expand their address space in an existing region. Instead, they can filter based on regional BGP community values and update their configurations when deploying workloads in a new region.

Understanding complex networks

Customers may expand their Azure workloads across regions over time, as described earlier, but may also continue to build more complex networks within each region. They may progress from simpler single-virtual network deployments to pursuing hub-and-spoke or mesh topologies containing hundreds of resources. If connectivity or performance issues arise for traffic sent from these resources to on-premises, the complexity of the cloud network can make troubleshooting more difficult. With custom BGP community values configured on each virtual network within a region, a customer can quickly find the specific virtual network that traffic is originating from in Azure and narrow down their investigation accordingly.

Take advantage of custom BGP communities with your Azure workloads

With the power to simplify cross-regional hybrid network designs and speed up troubleshooting, custom BGP communities are a great way for customers to enhance current ExpressRoute setups and prepare for future growth.

Learn more about how to configure custom BGP communities for your own hybrid networks.
Quelle: Azure

Intelligent application protection from edge to cloud with Azure Web Application Firewall

Threat intelligence at scale!

Changes to how we work and operate our businesses have driven every company to now be a digital company. This acceleration in digital transformation has also led to a rise in security risks. Cyberattacks are becoming more common and advanced with growing attack surfaces due to the proliferation of mobile and IoT devices and increasing cloud adoption. Basic protection measures are no longer sufficient as new attack vectors have emerged and attacks have become more sophisticated with automated and large-scale attacks. To help our customers address these security challenges, we have been evolving Azure Web Application Firewall (Azure WAF), our cloud-native, self-managed security service to protect your applications and APIs running in Azure or anywhere else—from the network edge to the cloud.

A quick primer on Azure WAF

We offer two options—global and regional—for deploying Azure WAF for your applications and APIs.

Global WAF: Azure WAF attaches to Azure Front Door, our native, modern cloud content delivery network (CDN), to provide global application acceleration and intelligent security at scale. Azure WAF stops the security attacks at the network edge closer to the source of attack with over hundreds of edge locations around the world.
Regional WAF: Azure WAF attaches to Azure Application Gateway, a highly scalable, web application regional load balancer running in a virtual network. It manages traffic for both internal and external websites and provides application protection in over 60 Azure regions worldwide.

What’s changed?

We are excited to share recent updates and announce many new features that will offer customers better security, improved scale, easier deployment, and better management of their applications.

Application and API protection

Improved security posture with new rulesets: On March 29, we announced the general availability of Managed Default Rule Set 2.0 (DRS 2.0) integrated with Azure Front Door Premium tier. DRS 2.0 includes the latest Microsoft proprietary rules authored by Microsoft Threat Intelligence. Today, on regional WAF attached to Azure Application Gateway, we are excited to announce the general availability of Open Web Application Security Project (OWASP) ModSecurity Core Rule Set 3.2 (CRS 3.2). These updated rulesets provide increased coverage for web vulnerabilities, reduce false positives, and protect against specific vulnerabilities, like Log4J and SpringShell CVEs.
Anomaly scoring with reduced false positives: Like regional WAF, we also introduced anomaly scoring with DRS 2.0 on global WAF which drastically helps reduce false positives for customer applications. In anomaly scoring mode, when an incoming request violates WAF rule, it is assigned an anomaly score based on the severity of the rule, and an action is taken only when the anomaly score reaches a threshold.
Increased size limits: With CRS 3.2, regional WAF can now support request body size inspection up to 2MB and file upload size up to 4GB.
API security: With DRS 2.0, global WAF now also supports XML and JSON content types that allow request inspection to secure inbound traffic. Azure WAF on Azure Front Door and Azure Application Gateway seamlessly integrates with Azure API Management to provide advanced API management and security features.
Advanced customization with per rule exclusions: As in global WAF, today we are also introducing per rule exclusions with CRS 3.2 on regional WAF with Application Gateway.  Exclusions allow you to override WAF engine behavior by specifying certain request attributes to omit from rule evaluation. In addition, we now allow attribute exclusions definitions by name or value of header, cookies, and arguments. Exclusions can be applied to a rule, set of rules, rule group, or globally for the entire ruleset, providing increased flexibility to help reduce false positives and meet application-specific requirements. This feature is currently available via Azure Resource Manager, PowerShell, CLI, and SDK. Azure portal integration will be available soon.

Bot protection

Bots have become an essential part of our customer’s digital footprint, helping to automate and perform key functions. However, attackers are increasingly taking advantage of this by manipulating bots to carry out malicious tasks. We’re continuously improving our platform capabilities to better protect against bot attacks—bot protection with Bot Manager 1.0 ruleset is available through integration with the Azure Front Door Premium tier. Our bot detection and protection rules are based on Microsoft Threat Intelligence and support bot classification for good, bad, and unknown bots. Bad bots include bots from malicious IP addresses or bots that have falsified identities. The malicious IPs are provided by Microsoft’s Threat Intelligence feed, which is based on feeds from external providers and internal threat intel. For good bots, WAF uses reverse DNS lookups to validate if the user-agent and IP address range match what the agent claims it to be. Bot signatures are dynamically managed and automatically updated by WAF when new threat actors are detected.

Performance and scale with the next generation of WAF engine

We are excited to announce the general availability of our next-generation WAF engine on Azure Application Gateway. The new WAF engine, released with CRS 3.2, is a high-performance, scalable Microsoft proprietary engine and has significant improvements over the previous WAF engine.

Benefits of the new Azure WAF engine include:

Improved performance: In our test lab, the new engine resulted in significant reduction in WAF latencies when compared with the previous version of engine. We also observed significant reduction in P99 tail latencies with up to ~8 times in processing POST requests and ~4 times reduction processing GET requests.
Increased scale: Our next-gen engine can scale up to 8 times more RPS using the same compute power and has the ability to process 16 times larger request sizes (now up to 2MB request size), which was not possible earlier with the previous engine.
Better protection: New redesigned engine with efficient regex processing offers better protection against RegEx DoS attacks.
Richer feature set: The new engine is available with the CRS 3.2 version. New features and future enhancements will only be available through the new engine and the later versions of CRS. Customers are strongly encouraged to move to CRS 3.2 version. We are in the process of phasing out CRS 2.2.9 and will stop onboarding new customers on the older CRS 2.2.9 version. Existing customers on CRS 2.2.9 will continue to be supported.

To learn more about the new engine, see WAF engine documentation.

Management and monitoring

Native consistent experience with WAF policy: Application Gateways WAF v2 now natively utilizes regional WAF policy instead of config by default, removing the need for the legacy WAF config experience on Azure Application Gateway. All the latest features and future enhancements will be available via WAF policies. Application Gateway configuration continues to be supported for existing deployments of v1 and v2 SKUs, but customers are strongly encouraged to migrate to Application Gateway v2 with WAF policies that offer a richer feature set and improved experiences at no additional cost. Azure policies can be shared across multiple application gateway deployments, simplifying the management experience. With Azure policy, customers can easily automate deployment and provisioning of applications using DevOps and APIs friendly tools—Azure Resource Manager, REST API, PowerShell, CLI, and Terraform.
Advanced analytics capabilities: You can now access new Azure Monitor metrics on regional WAF for more effective monitoring, troubleshooting, and debugging. Azure Monitor logs and metrics for WAF can be streamed to a central log platform for advanced log analytics and are further consumed by Microsoft Sentinel and Microsoft Defender for Cloud for security monitoring and alerting. Microsoft Sentinel integration allows security analysts to analyze and correlate data from other sources, detect threats, and automate incidence response. For example, we recently released Sentinel hunting queries to detect and respond to zero-day critical vulnerabilities like—Log4J Sentinel hunting queries and SpringShell Sentinel hunting queries.
Built-in security reports: Security reports on Azure Front Door provide powerful visualization of WAF patterns, trends by action, and events by rule types and rule groups. Security threat analysts can view breakdown top events by different dimensions like IP, country, URL, hostname, and user-agent for threat analysis.

Improved manageability: Azure WAF integration with Azure Firewall Manager is coming soon. With this integration, customers will be able to manage WAF policies at scale for applications hosted on Azure Front Door and Azure Application Gateway platforms.

Get started and share your feedback

You can try Azure WAF with Azure Application Gateway and Azure Front Door today. Visit Azure WAF documentation to learn more. As we continue to enhance the Azure WAF offering, we would love to hear your feedback. Post your ideas and suggestions on the networking community page or email us at azurewaf@microsoft.com.

Stay safe!
Quelle: Azure

Customize your secure VM session experience with native client support on Azure Bastion

This blog post has been co-authored by Isabelle Morris, Program Manager, Azure Networking

As organizations move their mission-critical workloads to the cloud, connecting to virtual machines (VMs) directly over the public internet is becoming more of a security risk. The more public IP addresses a customer has attached to VMs in their virtual network, the larger their attack surface becomes and the more vulnerable they are to security threats. The more secure alternative is to deploy a managed jumpbox service that reduces the number of public entry points to a customer’s resources in the cloud. The ideal managed jumpbox service should prioritize both security and flexibility to choose how you connect to your resources. Azure Bastion, Azure’s managed jumpbox service, now provides customers with the ability to customize their connection experience to use a native client of their choice.

Azure Bastion overview

Azure Bastion is a fully managed jumpbox-as-a-service that provides secure and seamless Remote Desktop Protocol (RDP) and Secure Shell Protocol (SSH) access to your VMs in local or peered virtual networks. Azure Bastion provides connectivity directly from the Azure portal using Transport Layer Security (TLS). With Azure Bastion, your VMs do not need a public IP address, protecting your virtual machines from exposing RDP and SSH ports to threats on the public internet, while still providing secure access using RDP and SSH. With native client support available on the Standard SKU for Azure Bastion, you now unlock customizable features and added functionality in your VM sessions.

More flexibility to choose how you connect to your VMs

The primary way to connect to your VMs using Azure Bastion is through a quick and simple experience in the Azure portal. Users and administrators can navigate to their Azure VM in the portal and then open a web-based VM session using Azure Bastion. This experience eliminates the need to download any clients, agents, or configure files prior to accessing the VM.

Some customers value integration with existing and familiar processes. With the support for native clients on Azure Bastion, these customers can use command-line based access and a native client of their choice to reach their target VMs. This allows them to use Azure Bastion with a more accessible or familiar user interface, and to integrate connectivity to VMs via the service into their existing scripts.

Native client support offers three Azure CLI commands: az network bastion rdp, az network bastion ssh, and az network bastion tunnel. The az network bastion rdp command and az network bastion ssh enable connectivity to the target VM directly and use the clients mstsc and az ssh respectively. Meanwhile, the az network bastion tunnel command allows more flexibility by establishing a tunnel to the target VM on a specific port, and then allowing the user to connect to the VM using a custom client and the specified port.

Customers now can choose how they connect to their VMs via Azure Bastion—a simple, quick web-based experience or an integrated and customizable experience using a native client.

Simplify your login experience with Azure AD-based authentication

Azure Bastion native client support also unlocks an additional authentication option for users. With the az network bastion rdp and az network bastion ssh commands, users can use their Azure Active Directory (Azure AD) account to access their VMs. Using Azure AD for authentication provides enhanced identity security in conjunction with Azure Bastion’s existing networking security by eliminating the need to manage local VM credentials. For SSH, the Azure AD authentication also simplifies the connect experience by using the credentials the user has already provided to log into Azure CLI and taking them directly to their VM session.

File upload and download to a VM using a native client

Azure Bastion now supports file transfer between your target VM and local computer using Azure Bastion and a native RDP or SSH client. To both upload and download files, users must use the Windows native client on a Windows machine and the az network bastion rdp command. With RDP, users can easily transfer files between their target VM and local Windows machine in just a few clicks. For customers using non-Windows native clients or SSH, the az network bastion tunnel command supports file upload from your local computer to target VM. Third-party clients may also support file download for these scenarios.

Take advantage of native client support for your VM sessions

To learn more about native client support on Azure Bastion, refer to the Connect to a VM using a native client and Azure Bastion documentation. You can also follow our step-by-step guide on transferring files in the Upload or download files using a native client connection documentation.
Quelle: Azure

Announcing new investments to help accelerate your move to Azure

As businesses adapt to new ways of operating, IT leaders are presented with increasing challenges to achieving sustainable growth. Ensuring your business continues to run without interruptions while adapting and transforming can be paramount. If your company is looking for options to migrate your server estate to the cloud, we have news for you.

Outstanding offers

Extended Security Updates and Azure Migration and Modernization Program support to larger migration projects.

Microsoft has great offers for Windows Server and SQL Server customers looking to move to the cloud. Azure offers free Extended Security Updates for SQL Server 2012 and Windows Server 2012/2012 R2, giving you more time to modernize supported applications for three additional years beyond the 10 years granted by Microsoft Support. Microsoft also allows customers to save significantly when running their workloads in Azure Virtual Machines with Azure Hybrid Benefit, which combined with reserved instances can enable up to 85 percent savings when compared to other cloud services.

To help support your migration and modernization to the cloud, mitigating potential unforeseen risks and costs, Microsoft is expanding the Azure Migration and Modernization Program (AMMP). In the past years, AMMP has helped thousands of customers like Jotun unlock the value of the cloud, bringing together the right mix of resources and best practices at every stage of their journey. We’re now investing significantly more to support your largest Windows/SQL Server migration and modernization projects—up to 2.5 times larger based on project eligibility. This investment will help with your migration in two ways: partner assistance with planning and moving your workloads, and Azure credits that offset transition costs during your move to Azure SQL Managed Instance and Azure SQL Database.

Unparalleled innovation

Unlock your SQL Server and Windows Server’s greatest potential in Azure, with unique capabilities and more options for true hybrid cloud flexibility. With Microsoft you can choose the option that aligns best to your business needs, migrating and modernizing servers with solutions like Windows Server and SQL Server running in virtual machines (VMs), Azure SQL managed databases, and hybrid management through Azure Arc.

When you have your VMs in Azure, management becomes simplified with dedicated solutions such as Azure Automanage and Windows Admin Center in the Azure portal. Azure SQL allows you to spend more time innovating and less time patching, updating, and backing up your databases, as Azure is the only cloud with evergreen SQL that automatically applies the latest updates and patches so that your databases are always up to date, eliminating end-of-support hassles. Azure SQL also features built-in AI that automatically tunes databases ensuring peak performance for every database, delivering leading price-performance.

Unmatched security

Security is foundational for Azure. If your company is running SQL Server 2012 and Windows Server 2012/2012 R2, this is the time to consider assessing those environments as they reach the end of support on July 12, 2022 and October 10, 2023 respectively. Not having support means the end of security updates, which may leave your business exposed to security risks and compliance concerns. Azure offers three years of extended security updates. You can learn more here.

Multilayered security is provided across physical datacenters, infrastructure, and operations with cyber security experts actively monitoring to protect your Windows Server and SQL Server, including in hybrid deployments with Azure Arc. Microsoft has more than 3,500 cybersecurity professionals and spends $1 billion annually on security to help protect, detect, and respond to threats, so you can grow a safe and secure business. The Azure platform is a leader in compliance coverage with 90 plus compliance offers that allow you to proactively safeguard your data and streamline compliance. Our commitment to privacy is uncompromising. Our core privacy principle is, you own your data. We will never use it for marketing or advertising purposes, in turn providing you confidence around data storage and security. 

Get started

Learn more about your end of support options for SQL Server 2012 and Windows Server 2012/R2.

Get started with the Azure Migration and Modernization Program (AMMP). Talk to your Microsoft representative to understand eligibility requirements and submit your Windows Server and SQL Server project today.
Quelle: Azure

Azure Cost Management and Billing updates – April 2022

Whether you're a new student, a thriving startup, or the largest enterprise, you have financial constraints, and you need to know what you're spending, where, and how to plan for the future. Nobody wants a surprise when it comes to the bill, and this is where Azure Cost Management and Billing comes in.

We're always looking for ways to learn more about your challenges and how Azure Cost Management and Billing can help you better understand where you're accruing costs in the cloud, identify and prevent bad spending patterns, and optimize costs to empower you to do more with less. Here are a few of the latest improvements and updates based on your feedback:

Summarized totals in the cost analysis preview
Download your Azure prices as a ZIP file
Unlock cloud savings on the fly with autoscale on Azure
What's new in Cost Management Labs
New ways to save money with Azure
New videos and learning opportunities
Documentation updates
Join the Azure Cost Management and Billing team

Let's dig into the details.

Summarized totals in the cost analysis preview

I’ve talked about how the cost analysis preview is the future of analytics and insights in Cost Management. While what we have today is a solid foundation that most prefer over classic cost analysis, there’s still a lot left before we can fully replace the classic experience. This month’s update is one small step in that direction with the addition of the Total, Average, and Budget key performance indicators (KPIs) at the top of cost analysis.

The Total KPI shows the summarized total across all rows. If you have charges in multiple currencies, cost is normalized to USD to show an overall total. Most views default to show actual, billed charges. The Reservations view shows amortized costs to break down and allocate your reservation purchases to the resources that received the prepurchase benefit. As a reminder, if you’d like to switch to amortized cost from another view, you can select the Customize command at the top to switch. Learn more about amortization, see View amortized reservation costs.

The Average KPI shows the average daily cost for the period. If your period includes the current day, the average is calculated up to and including yesterday, but does not include partial cost from the current day since the data for the day is not complete. Keep in mind every service submits usage at different timelines which will impact the average calculation. Learn more about data latency and refresh processing at Understand Cost Management data.

The Budget KPI shows the monthly budget you have configured with a quick link to edit the budget. If you don’t have a budget yet, you’ll see a link to create a new budget. Budgets created from the cost analysis preview are preconfigured with alerts when your cost exceeds 50 percent, 80 percent, and 95 percent of your cost or 100 percent of your forecast for the month. You can add additional recipients or update alerts from the Budgets page.

You may have seen these rolling out over the past few months, but they are now available to everyone. If you’re interested in what’s coming next, check out What’s new in Cost Management Labs below. Labs includes additional previews you might be interested in, like charts and grouping related resources. Check out the latest updates in cost analysis preview and let us know what you’d like to see next.

 

Download your Azure prices as a ZIP file

One important aspect of optimizing cost is comparing prices across different resource SKUs and regions. This can be cumbersome when using the portal or Azure pricing calculator but is a perfect scenario for automation with the Cost Management Price Sheets API. Now you can download your Azure prices as a ZIP file with multiple, smaller CSV files to make parsing the file easier. This helps avoid issues where the file can grow too big to be opened in tools like Microsoft Excel.

Learn more about the Price Sheets API and update your scripts today.

Unlock cloud savings on the fly with autoscale on Azure

Unused cloud resources can put an unnecessary drain on your computing budget, and unlike legacy on-premises architectures, there is no need to over-provision compute resources for times of heavy usage.

Autoscaling is one of the value levers that can help unlock cost savings for your Azure workloads by automatically scaling up and down the resources in use to better align capacity to demand. This practice can greatly reduce wasted spend for those dynamic workloads with inherently “peaky” demand.

To learn more, read Unlock cloud savings on the fly with autoscale on Azure.

What's new in Cost Management Labs

With Cost Management Labs, you get a sneak peek at what's coming in Azure Cost Management and can engage directly with us to share feedback and help us better understand how you use the service, so we can deliver more tuned and optimized experiences. Here are a few features you can see in Cost Management Labs:

New: Cost Management tutorials
Whether you’re just getting started or looking to learn more about specific features, tutorials are now a click away from the Cost Management overview in Cost Management Labs.
Update: Access preview views from classic cost analysis – Now available in the public portal
Get one-click access to the new preview views from classic cost analysis in the View menu. You can see this in classic cost analysis in Cost Management Labs.
Update: Average cost in the cost analysis preview – Now available in the public portal
See your average daily cost at the top of the cost analysis preview. You can opt in using Try Preview.
Update: Budgets in the cost analysis preview – Now available in the public portal
Quickly create and edit budgets directly from the cost analysis preview. If you don’t have a budget yet, you’ll see a suggested budget based on your forecast. You can opt in using Try Preview.
Update: Anomaly detection alerts – Now enabled by default in Labs
Subscribe to automatic email alerts when a new anomaly has been detected. Anomaly detection is only available for subscriptions in the cost analysis preview. You can opt into this preview using Try Preview and then configure anomaly alerts from the Alerts page.
Update: Grouping SQL databases and elastic pools – Now enabled by default in Labs
Get an at-a-glance view of your total SQL costs by grouping SQL databases and elastic pools under their parent server in the cost analysis preview. You can opt in using Try Preview.
Charts in the cost analysis preview
View your daily or monthly cost over time in the cost analysis preview. You can opt in using Try Preview.
View cost for your resources
The cost for your resources is one click away from the resource overview in the preview portal. Just click View cost to quickly jump to the cost of that particular resource.
Change scope from the menu
Change scope from the menu for quicker navigation. You can opt-in using Try Preview.

Of course, that's not all. Every change in Azure Cost Management is available in Cost Management Labs a week before it's in the full Azure portal. We're eager to hear your thoughts and understand what you'd like to see next. What are you waiting for? Try Cost Management Labs today.

New ways to save money with Azure

Lots of cost optimization improvements over the last month! Here are some of the generally available offers you might be interested in:

On-demand capacity reservations for virtual machines.
Ebsv5 virtual machines increase remote storage performance.
Azure HBv3 virtual machines for HPC now upgraded.
Cosmos DB autoscale RU/s entry point is 4x lower.
Azure Database for PostgreSQL – Flexible Server now supports more high availability regions and US Gov Virginia and US Gov Arizona for Azure Government.
Azure Database for MySQL – Flexible Server in China East 2 and China North 2.
Azure Batch supports Spot Virtual Machines.
IBM WebSphere on Azure with evaluation licensing.
Azure Stream Analytics in 10 new regions.

And here are some of the new previews:

Capacity reservation support in AKS.
Azure Dedicated Host support in AKS.
Arm64-based virtual machines can deliver up to 50% better price-performance.
NC A100 v4 virtual machines accelerate AI applications.
Virtual machines with Ampere Altra Arm-based processors.
DCsv3 virtual machines available in Switzerland and West US.
Azure SignalR Service Premium tier.

New videos and learning opportunities

Here are a couple new videos you might be interested in:

Reduce your costs with Azure Spot Virtual Machines (18 minutes).
Announcing Microsoft Azure FX Series Virtual Machine General Availability (2 minutes).

Follow the Azure Cost Management and Billing YouTube channel to stay in the loop with new videos as they’re released and let us know what you'd like to see next.

Want a more guided experience? Start with Control Azure spending and manage bills with Azure Cost Management and Billing.

Documentation updates

Here are a few documentation updates you might be interested in:

New: Prepay for Virtual machine software reservations.
New: View amortized reservation costs.
Identify anomalies and unexpected changes in cost now covers anomaly detection.
Analyze Azure costs with the Power BI App includes details about how cost may differ from the EA portal.
Save and share customized views includes a note about how many views you can save.

Want to keep an eye on all of the documentation updates? Check out the Cost Management and Billing documentation change history in the azure-docs repository on GitHub. If you see something missing, select Edit at the top of the document and submit a quick pull request.

Join the Azure Cost Management and Billing team

Are you excited about helping customers and partners better manage and optimize costs? We're looking for passionate, dedicated, and exceptional people to help build best in class cloud platforms and experiences to enable exactly that. If you have experience with big data infrastructure, reliable and scalable APIs, or rich and engaging user experiences, you'll find no better challenge than serving every Microsoft customer and partner in one of the most critical areas for driving cloud success.

Watch the video below to learn more about the Azure Cost Management and Billing team:

Join our team.

What's next?

These are just a few of the big updates from last month. Don't forget to check out the previous Azure Cost Management and Billing updates. We're always listening and making constant improvements based on your feedback, so please keep the feedback coming.

Follow @AzureCostMgmt on Twitter and subscribe to the YouTube channel for updates, tips, and tricks. You can also share ideas and vote up others in the Cost Management feedback forum or join the research panel to participate in a future study and help shape the future of Azure Cost Management and Billing.

We know these are trying times for everyone. Best wishes from the Azure Cost Management and Billing team. Stay safe and stay healthy.
Quelle: Azure

Enhance your classroom experience with Azure Lab Services—April 2022 update

Azure Lab Services offers classroom labs for higher education, K-12 institutions, and commercial organizations that don't want to use the on-premises hardware but rather want to harness the power of the cloud to host labs for students or users. We are excited to announce major updates to Azure Lab Services including enhanced lab creation and improved backend reliability, access performance, extended virtual network support, easier labs administration via new roles, improved cost tracking via Azure Cost Management service, availability of PowerShell module, and .NET API SDK for advanced automation and customization, and integration with Canvas learning management system. Learn more about the new update and how to use it.

Along with making significant reliability enhancements to the backend, labs creation, and access performance improvements, this major update is bringing a whole slew of additional features for the IT departments and administrators, educators, and the students, who are the three key personas that use this service.

IT and administrators

For the IT and administrators, we have now introduced the concept of a lab plan instead of a lab account to provide more control over the creation, configuration, and management of the labs. For ease of administration of the lab, new roles have been created to provide granular control for different people managing labs for a large organization.

Creating a large number of labs with many virtual machines requires additional vCPUs which you have to request from us. With this new update, there is an improved vCPU capacity management for your subscription and you don't share the vCPU capacity with others using the service. We have also now made it easier for you to track costs for your lab resources in Azure Cost Management. We have replaced virtual network peering with virtual network injection. With Virtual Network Injection you have more control over the network for lab virtual machines. In your own subscription, create a virtual network in the same region as the lab, delegate a subnet to Azure Lab Services, and you’re off and running.

For advanced automation, deployment, configuration, and management we have the PowerShell module and .NET API SDK. The Azure Lab Services PowerShell will now be integrated with the Azure PowerShell module and will release early February. In alignment with all the global compliance and regulatory laws around data residency, we are also saving the customer data in the regions where the labs are set up.

Educators

For all the educators and instructors using the service, we have added new functionality to improve their experience. Azure Lab Services can now be integrated within Canvas, a popular learning management system. Educators can use Canvas to create and configure labs for the students. Students can connect to the virtual machine from inside their course in Canvas. We have improved the auto-shutdown feature of the virtual machine. Auto-shutdown settings are now available for all operating systems. In addition, we have improved idle detection based on resource usage. For more flexibility, an instructor or IT Administrator can choose to skip the virtual machine template creation process if they already have an image ready to use or want to quickly deploy virtual machines for their lab.

Students

Student experiences have also improved. Students can now redeploy their virtual machine without losing data if they are having issues accessing or using the virtual machine. If the lab is set up to use AAD group sync, there is no longer a need to send an invitation email so students can access their virtual machine—one is assigned to the student automatically.

Learn more

We are eager to have you use our new and improved service to realize your educational, learning, and training scenarios no matter what industry you work in. Contact us directly or get started today to use the enhanced experience!
Quelle: Azure

How Microsoft measures datacenter water and energy use to improve Azure Cloud sustainability

One of the biggest topics of discussion at COP26, the global climate conference held in November 2021, was how a lack of reliable and consistent measurement hampers progress on the path to Net Zero. I have been reflecting on this issue and, on this Earth Day, I would like to provide an update on how we are measuring energy and water use at our datacenters to improve sustainability across the Azure Cloud.

Today, we’re sharing an important update on how Microsoft, and our datacenters, are helping to solve our part of this measurement challenge.

While the environmental goals are similar, each industry has unique challenges in measuring its carbon emissions to build its sustainability strategy. It’s one of the key reasons we, together with ClimateWorks Foundation and 20 other leading organizations, launched the Carbon Call. It’s also why we developed Microsoft Cloud for Sustainability, an Azure-based platform that allows organizations to combine disparate data sources into one place and help provide insights into how to improve their sustainability approaches.

You’ve told us just how important measuring energy and water consumption from our datacenters is in taking sustainability into account for commercial decisions. Below you will see, for the first time, our datacenter PUE (Power Usage Effectiveness) and WUE (Water Usage Effectiveness) metrics. To address these capabilities, we set design goals—our theoretical estimates of the most efficient we can operate our datacenters—and ensure we have measurements of our actual efficiencies. These targets can vary between datacenter generations and usage; for instance, newer datacenter generations as well as datacenters operating at peak utilization are more efficient. We track these statistics at a global level and by our operating geographies—Americas, Asia Pacific, and EMEA (Europe, Middle East, Africa).

Understanding Power Usage Effectiveness (PUE)

PUE is an industry metric that measures how efficiently a datacenter consumes and uses the energy that powers the datacenter, including the operation of systems like powering, cooling, and operating the servers, data networks and lights. The closer the PUE number is to “1,” the more efficient the use of energy.

While local environment and infrastructure can affect how PUE is calculated, there are also slight variations across providers. Here’s the simplest way to think about PUE.

We design and build our datacenters toward the optimum PUE figure. We can also predict, with a high degree of accuracy, that optimum PUE figure. As we constantly innovate, we factor these changes into our datacenter designs to get as close to “1” as feasible. Our newest generation of datacenters have a design PUE of 1.12 and, with each new generation, we strive to become even more efficient. In the chart below, the blue bars show our estimated, or designed, PUE figures, while the grey bars indicate our actual PUE figures. As you can see, in Asia Pacific our actual PUE is higher; that’s due in part to higher ambient temperatures in the region which necessitates additional cooling.

In almost every region, our actual operating PUE is more efficient than our designs.

Understanding Water Usage Effectiveness (WUE)

Water Usage Effectiveness (WUE) is another key metric relating to the efficient and sustainable operations of our datacenters and is a crucial aspect as we work towards our commitment to be water positive by 2030.

WUE is calculated by dividing the number of liters of water used for humidification and cooling by the total annual amount of power (measured in kWh) needed to operate our datacenter IT equipment.

Like PUE, there are variables that can impact WUE—many of which relate to the location of the datacenter. Humid locations often have more atmospheric water, while arid locations have very little. Datacenters in colder parts of the world, like Sweden and Finland operate in naturally cooler environments so require less water for cooling. Our datacenter designs minimize water use. The chart below shows (in blue) our estimated or designed WUE figure, and in grey, our actual WUE figure. Again, Asia Pacific is higher due to higher ambient temperatures and as a result the need in some places for water-cooled chillers.

We continue to integrate our standards in water reduction technologies such as those in our Phoenix, Arizona datacenter where we use direct outside air most of the year to cool servers. We otherwise cool through direct evaporation that requires a fraction of the water compared to other, conventional water-based cooling systems such as water-cooled chillers.

Furthermore, by powering our datacenter with power from the Sun Streams 2 Solar Project owned by local partner, Longroad Energy, we’re displacing the water needed in the traditional electricity generation process and expect to save 356 million liters of water annually.

Scope 3 and supply chain

As we shared in March with our annual sustainability report, we made good progress on a number of our goals. Across the company’s operations, we saw an overall reduction in our Scope 1 and Scope 2 emissions of about 17 percent year over year, through our purchasing of renewable energy. At the same time, we also saw a rise in our Scope 3 emissions, which increased about 23 percent year over year.

We know that Scope 3 emissions (representing the total emissions across a company’s entire value chain) are the most difficult to control and reduce, because we can often only influence change. We know this is a long-term effort and this year we have increased our focus on operational discipline that is rooted in reliable data. We’ve also been working with partners across the industry, including Infrastructure Masons on carbon transparency within the datacenter supply chain, and will have exciting news to share at the Datacloud Global Congress on April 25 to 27.

Learn more

We know just how crucial data transparency and consistency are in helping our customers make the correct choices for their business, and hope that today’s announcement on our PUE and WUE data will be an important step forward in informing decisions about their sustainability strategies.

To learn more about our datacenter operations and commitments in action today, you can visit:

Microsoft sustainability
Azure sustainability
Microsoft Azure's global infrastructure
Take a virtual tour of Microsoft’s datacenters

Quelle: Azure

Microsoft announces new collaboration with Red Button for attack simulation testing

As we highlighted in our latest attack trends report, Distributed Denial-of-Service (DDoS) attacks are one of the biggest security concerns today. Whether in the cloud or on-premises, DDoS attacks can be targeted at any endpoint that is publicly reachable through the internet. Planning and preparing for a DDoS attack is crucial to a well-vetted incident management response plan.

Today, Microsoft is excited to announce a new collaboration with Red Button, offering our customers an additional DDoS attack simulation testing provider to choose from. With Red Button’s DDoS Testing service suite, you will be able to work with a dedicated team of experts to simulate real-world DDoS attack scenarios in a controlled environment. Simulation testing allows you to assess your current state of readiness, identify gaps in your incident response procedures, and guide you in developing a proper DDoS response strategy.

Red Button DDoS Testing

Red Button’s DDoS Testing service suite includes three stages:

1. Planning session

Red Button experts meet with your team to understand your network architecture, assemble technical details, and define clear goals and testing schedules. This includes planning the DDoS test scope and targets, attack vectors, and attack rates. The joint planning effort is detailed in a test plan document.

2. Controlled DDoS attack

Based on the defined goals, the Red Button team launches a combination of multi-vector DDoS attacks. The test typically lasts between three to six hours. Attacks are securely executed using dedicated servers and are controlled and monitored using Red Button’s management console.

3. Summary and recommendations

The Red Button team provides you with a written DDoS Test Report outlining the effectiveness of DDoS mitigation. The report includes an executive summary of the test results, a complete log of the simulation, a list of vulnerabilities within your infrastructure, and recommendations on how to correct them.

Here is an example of a DDoS Test Report from Red Button:

In addition, Red Button offers two other service suites that can complement the DDoS Testing service suite:

DDoS 360 is an “all included” annual service that includes the DDoS Testing, DDoS Hardening, DDoS team skills development, and DDoS Incident Response services. The program consists of multiple year-round activities carried out by Red Button’s top DDoS experts, which includes extensive pre-attack activities to strengthen your technological infrastructure and improve the skills of your teams as well as a dedicated incident response expert team in the event of an attack.
DDoS Incident Response (IR) is a 30-day incident response service that consists of three phases: when under a DDoS attack or DDoS threat (for example, DDoS ransom threat), Red Button DDoS experts are immediately assigned and work closely with your security and IT teams to analyze the attack and apply the appropriate mitigations. Once the attack has been fully mitigated, Red Button audits your network architecture and DDoS protection system configuration, including running a DDoS test and provides detailed recommendations for hardening and optimization to prevent future attacks. Lastly, Red Button conducts DDoS training for your teams to increase your skills and readiness, and helps you build a DDoS Playbook that provides detailed procedures and activities to prepare for any future attack.

Azure DDoS simulation testing policy

Red Button’s simulation environment is built within Azure. You can only simulate attacks against Azure-hosted public IP addresses that belong to an Azure subscription of your own, which will be validated by Azure Active Directory (Azure AD) before testing. Additionally, these target public IP addresses must be protected under Azure DDoS Protection.

You may only simulate attacks using our approved testing partners:

Red Button.
BreakingPoint Cloud.

Learn more

Red Button: DDoS Services—Protection Consulting and Testing.
Azure DDoS Protection simulation testing partners: Azure DDoS Protection simulation testing documentation.
Microsoft penetration testing guidelines: Penetration testing documentation.
Azure DDoS Protection Standard product page.
Azure DDoS Protection Standard documentation.
DDoS Protection best practices.

Quelle: Azure