Microsoft announced two new isolated Virtual Machine (VM) sizes for workloads on Azure dedicated to a single customer, to provide isolated hardware. These VM sizes will provide tenant-level isolation to customers who need high degree of isolation for compliance and regulatory requirements. Tenants are clients who own and manage a specific instance of cloud service.
The new isolated virtual machine sizes— E64i_v3 and E64is_v3 are similar to existing Azure VM sizes (E64_v3 and E64s_v3). The additional ‘i’ in the new VM sizes indicate isolation.
The performance, pricing models, and availability zones of E64i_v3 and E64is_v3 VMs will be same as E64_v3 and E64s_v3, respectively. The new VM sizes will operate on Intel Xeon Processor E5-2673 v4 2.3 GHz hardware.
These will be generally available through on-demand portal from 1st May 2018.
Last week, Microsoft announced the general availability of NCv3 virtual machines, and Just-in-time VM access, both of which were available in preview till then.
The NCv3 is a VM size on Azure which uses Nvidia Tesla V100 to handle high performance computing, machine learning, and AI workloads.
NCv3 VM sizes are now generally available in US East region, and will be available in EU West and US South Central by the end of this month.
Just-in-Time (JIT) VM Access is a threat prevention mechanism for IT professionals. The JIT can be enabled for all the VMs or selected ones.
When enabled, JIT creates a policy in VMs to determine the number of ports to be protected, protocols to be allowed, for how long the ports should remain opened, and the IP addresses that can be accessed.
Just in Time VM access is available as a part of Azure Security Center with standard pricing tier.