# Azure Governance âď¸ & Management đ¨
- by Meagan McCroryManaging servers and VMs across Azure, on premises, and multi-cloud environments often means turning on core capabilitiesâmonitoring, updates, inventory, and configurationâthrough separate setup experiences. Weâve heard feedback that this makes it harder to get visibility into machine state and take […]
- by ShannonHicksAs Azure evolves, certain features are deprecated to streamline services and improve security and performance. One such upcoming change is the deprecation of the Docker Content Trust (DCT) feature in Azure Container Registry (ACR) which is ongoing over a three-year […]
- by JaspreetKaurARG GET/LIST API delivers 10X higher throttling quotas to callers compared to ARG query unlocking a more scalable, resilient way to perform resource lookups in Azure. ARG GET/LIST API is a new platform capability within Azure Resource Graph that provides […]
- by jodibooneRecap: Azure Governance @ Ignite 2025 Azure governance is thrilled to be back at ignite this year with some exciting updates. In this blog we will be sharing highlights from the session, overviews on new releases, and links on how […]
- by rochakmIn todayâs cloud-first world, resilience isnât optionalâitâs mission-critical. The next phase of cloud operations is about simplifying workflows, enhancing control, and removing friction from daily work. At Microsoft Ignite 2025, Azure is redefining resiliency with expanded capabilities to include Infrastructure Resiliency, […]
- by riteshkiniIn todayâs cloud-first world, optimization is no longer a luxuryâitâs a strategic imperative. As IT professionals and developers navigate increasingly complex environments, the need to reduce costs, improve sustainability, and accelerate decision-making has never been more urgent. Â At Ignite […]
- by mutemwamashekeBackground: Azure Machine Configuration remains committed to enabling greater security and simplicity in at-scale server management for all Azure customers. Machine Configuration (previously known as Azure Policy Guest Configuration) enables both built-in and custom configuration as code allowing you to […]
- by Fernando_VasconcellosThis curated series of modules is designed to equip technical and business decision-makers, including IT, developers, engineers, AI engineers, administrators, solution architects, business analysts, and technology managers, with the practical knowledge and guidance needed to make cost-conscious decisions at every […]
# Azure Infrastructure đď¸
- by deepthihrIntroduction As organizations deploy enterprise AI platforms on Azure, security requirements increasingly drive the adoption of private-first architectures. Private networking only Centralized firewalls or NVAs Hubâandâspoke virtual network architectures Private Endpoints for all PaaS services While these patterns are well […]
- by whosocuriousThe Problem: Cost Is a Blind Spot in IaC Reviews Code reviews for Bicep or Terraform templates typically focus on correctness, security, and compliance. But cost is rarely part of the review process because: Developers don't have easy access to […]
- by KenHooverMSFTAbout On-Demand Capacity Reservations Introducing the âparking garageâ metaphor There are dozens of VM types available in Azure which span multiple generations of CPU across vendors and architectures. Within each Azure region are datacenters hosting pools of hardware which runs […]
- by lakshaymalikThis article is for AKS platform/infra engineers, SREs, and security teams who want a practical, enforceable model for stopping common Kubernetes misconfigurations before they become incidentsâwithout turning delivery into bureaucracy. Why incidents still happen after âadding security to the pipelineâ Most […]
- by ShivaniThadiyanAI Capabilities Built into Azure SQL Managed Instance Azure SQL MI includes multiple intelligence layers by default: Intelligent Insights for anomaly detection Automatic tuning (recommend mode) Copilotâassisted diagnostics Native vector data types for AI workloads These capabilities work together without […]
- by ShivaniThadiyanWhy Traditional Drift Detection Isnât Enough Most teams already rely on: Terraform plan reviews Azure Policy compliance dashboards Azure Resource Graph queries Manual scripts and audits The problem isnât missing dataâitâs interpretation at scale. Validation outputs are: Verbose and noisy […]
- by kumaramit1đ What Is Private Application Gateway? Historically, Application Gateway v2 required a public IP address to communicate with the Azure control plane (GatewayManager). This requirement imposed several constraints: Mandatory public IP exposure Restricted Network Security Group (NSG) rules Limited route […]
- by kumaramit1Why Subscription Vending Is Critical at Scale Azure subscriptions define the security, governance, and billing boundary for workloads. In large organizations, manual subscription creation often leads to: Inconsistent management group placement Delayed or missing policy enforcement Incorrect RBAC assignments Lack […]
# Azure Network Securityđ
- by saikishorIntroduction: Azure Firewall Premium provides strong protection with a built-in Intrusion Detection and Prevention System (IDPS). It inspects inbound, outbound, and east-west traffic against Microsoftâs continuously updated signature set and can block threats before they reach your workloads. IDPS works […]
- by SaleemBseeuIntroduction Distributed Denial of Service (DDoS) attacks continue to be one of the most prevalent threats facing organizations with internet-facing workloads. Azure DDoS Protection provides cloud-scale protection against L3/4 volumetric attacks, helping ensure your applications remain available during an attack. […]
- by Mohit_KumarAs threat actors continue to blend reconnaissance, exploitation, and post-compromise activity, network-level signals remain critical for early detection and correlated response. To strengthen this layer, we're introducing five new Azure Firewall IDPS detections, now available out of the box in […]
- by ShabazShaikManaging secure remote access to virtual machines traditionally means juggling public IP addresses, configuring jump boxes, deploying VPN infrastructure, and managing complex firewall rules. Each layer adds cost, complexity, and potential security vulnerabilities. Azure Bastion changes everything. It's a fully […]
- by JdasariThe holiday season continues to be one of the most demanding periods for online businesses. Traffic surges, higher transaction volumes, and user expectations for seamless digital experiences all converge, making reliability a non-negotiable requirement. For attackers, this same period presents […]
- by SaleemBseeuIntroduction Azure provides infrastructure-level DDoS protection by default to protect Azureâs own platform and services. However, this protection does not extend to customer workloads or non-Microsoft managed resources like Application Gateway, Azure Firewall, or virtual machines with public IPs. To […]
- by saikishorIntroduction Zero Trust has emerged as the defining security ethos of the modern enterprise. It is guided by a simple but powerful principle: âNever trust, always verify.â This principle is more relevant now than ever as cyberattacks continue to trend […]
- by yuvalperyPlease subscribe to this blog as we will be updating the suggested rules as new attack permutations are found. Â On December 3, 2025, the React team disclosed a critical remote code execution (RCE) vulnerability in React Server Components (RSC), […]
# Azure Virtual Desktop (AVD) đĽď¸
- by Rinku_DalwaniUDP support over Private Link for Azure Virtual Desktop is now generally available. This release enables a direct, highâperformance, UDPâbased RDP connection between AVD session hosts and clients over Azure Private Link using RDP Shortpath for managed networks. This capability […]
- by Ron_ColemanToday Azure Virtual Desktop (AVD) is now available in the USGov Texas region of Azure Government, providing customers with an additional region for deploying secure and flexible virtual desktop environments that support a broad range of mission needs. Key benefits With this regional expansion, customers can now: […]
- by TomHickling Editor's Note: This post was last updated on January 21, 2026. At Microsoft, we understand customers need a desktop service that is reliable and resilient. Thatâs why weâve made service resilience a core architectural design principle within the Azure […]
- by Steve_DownsAzure Virtual Desktop is a secured, cloud-based virtual desktop infrastructure (VDI) service that enables organizations to deliver Windows desktops and applications to users. Originally launched in 2019, Azure Virtual Desktop has evolved rapidly to meet the changing needs of modern […]
- by ivaylo_ivanovWindows 10 reaches end of support on October 14, 2025. A great place to learn about all the Windows 10 Extended Security Updates (ESU) options is in our blog post, When to use Windows 10 Extended Security Updates. In this […]
- by Ron_ColemanAzure Virtual Desktop continues to evolve with features that simplify deployment and management of session hosts for our customers. Today, weâre excited to announce the public preview of Ephemeral OS disk support, the latest milestone in our Enhanced Host Pool […]
- by Ron_ColemanWeâre pleased to announce that the Azure Virtual Desktop metadata database is now available in the Korea Central region. This release is part of our ongoing global expansion, following our rollout earlier this year in Southeast Asia. By extending regional […]
- by Rinku_DalwaniWe are excited to announce the public preview of Remote Desktop Protocol (RDP) Multipath for Azure Virtual Desktop. This new feature is designed to enhance remote desktop connectivity and reliability without requiring configuration changes from IT admins and users. By […]