Skip to main content

New services in Microsoft Azure : Data Box and DDOS protection standard

We saw a lot of new exciting features for Azure being announced in the recently concluded MSIgnite conference. Many of the long anticipated features or products were released in preview and in this blog series I will try to explore some of these features and how you can get started with them.

Azure Data box

This can be considered as an extension to the Storage import/export services already available in GA in Azure. While using the Import/export service, customers have to copy their data to HDDs of a given specification and then send them off to Azure datacenters, where the data will be moved to your storage of choice . This services targets migration scenarios where customer have to transfer several terabytes of data to Azure storage and over the network transfer would take  a very long time or is practically impossible.More details about this service can be found here :
 With Azure Data box we move one step ahead, where you can order an Azure Data box to copy and transfer your data to Azure. It is described as a 'secure,tamper-resistant' option of transferring your data to Azure cloud. It uses a plug and play model supporting NAS protocols such as CIFS & SMB and data is encrypted using 256 bit AES encryption. The services is available in preview and you can signup for the same from the Azure portal.As shown below, you need to provide some details such as Azure Subscription, Azure of data to be transferred and , targeted Azure region and service, data transfer time frame and frequency.

Azure DDOS protection standard

Azure platform has  DDOS protection built in at platform level.This protects against platform level DDOS attacks and is now being named as Azure DDOS protection basic.This isolates any resources being attacked when a predefined  threshold is reached. However this service is platform managed and controlled. DDOS standard is a new offering in preview that helps integrate DDOS at Virtual network level. Services that have public IPs associated with it like VMs, load balancer ,application gateways and service fabric instances are protected against DDOS attack . DDOS standard provides protection against volumetric attacks and protocol attacks (layer 3 and layer 4) . When used with Application gateway WAF it also provides protection against layer 7 attacks like HTTP protocol violations,SQL injection and cross-site scripting . The service can defend and protect against 60 types of DDOS attacks . DDOS protection standard is integrated with Azure monitor and provides visibility of the metrics. Alerts about any kind of attacks happening in your environment can be generated using Azure Metrics, OMS integration etc. The service offers turnkey protection and can be used for always on traffic monitoring. More details about the service is available from this document : . You can sign up for the preview from this link : 


  1. It is really a helpful blog to find some different source to add my knowledge.
    Microsoft 365 Certified: Developer Associate

  2. Superbly written article, if only all bloggers offered the same content as you, the internet would be a far better place.. Pegasus


Post a Comment

Popular posts from this blog

Cloud Security - Risk factors

Cloud security is a major consideration for enterprise wide cloud adoption, especially public cloud. This is part 1 of a serious of blog posts , where I am planning to pen down the different dimensions of Cloud security, starting with the risk factors of cloud adoption. The various attributes of security risks  involved in the process can be summed up as follows: ENISA* recommends the following  risk areas to be taken into account, while embarking on a cloud adoption journey

Windows server 2012: where is my start button??

If you have been using Windows Server OS for a while, the one thing that will strike you most when you login to a Windows server 2012 is that there is no start button!!.. What??..How am I going to manage it?? Microsoft feels that you really dont need a start button, since you can do almost everything from your server  manager or even remotely from your desktop. After all the initial configurations are done, you could also do away with the GUI and go back to server core option.(In server 2012, there is an option to add and remove GUI). So does that mean, you need to learn to live without a start button. Actually no, the start button is very much there .Lets start looking for it. Option 1: There is "charms" bar on the side of your deskop, where you will find a "start" option. You can use the "Windows +C" shortcut to pop out the charms bar Option 2: There is a hidden "start area"in  the bottom left corner of your desktop

Install nested KVM in VMware ESXi 5.1

In this blog, I will explain the steps required to run a nested KVM hypervisor on  Vmware ESXi. The installation of KVM is done on Ubuntu 13.10(64 bit). Note: It is assumed that you have already installed your Ubuntu 13.10 VM in ESXi, and hence we will not look into the Ubuntu installation part. 1) Upgrade VM Hardware version to 9. In my ESXi server, the default VM hardware version was 8. So I had to shutdown my VM and upgrade the Hardware version to 9 to get the KVM hypervisor working. You can right click the VM and select the Upgrade hardware option to do this. 2)In the ESXi host In /etc/vmware edit the 'config' file and add the following setting vhv.enable = "TRUE" 3)Edit the VM settings and go to VM settings > Options  > CPU/MMU Virtualization . Select the Intel EPT option 4) Go to Options->CPUID mask> Advanced-> Level 1, add the following CPU mask level ECX  ---- ---- ---- ---- ---- ---- --H- ---- 5) Open the vmx