Virtual Network Service Endpoints in Azure and expanded conditional access capabilities for Azure Active Directory were among the announcements made at the Microsoft Ignite conference this week in Orlando, Florida.
“As you continue to bring your mission-critical workloads to Azure, we will continue to simplify the overall network management, security, scalability, availability and performance of your applications,” writes Yousef Khalidi, corporate vice president of Azure Networking.
Azure services such as Storage and SQL have internet-facing IP addresses, and many customers would prefer that their Azure services not be exposed directly to the internet, Khalidi says. “Virtual Network Service Endpoints extend your virtual network private address space and the identity of your VNet to Azure services. You can restrict Azure resources to only be accessed from your VNet and not via the internet.”
Meanwhile, Alex Simons, director of program management for the Microsoft Identity Division, writes about a new wave of scenarios that expand conditional access capabilities, including integration across Enterprise Mobility + Security (EMS) Azure Information Protection and Microsoft Cloud App Security services, also announced at Ignite.