When I formed the Azure Networking group at Microsoft’s R&D center in Israel over a year ago, I had no idea that in no time our work is going to become so crucial for the entire world. The coronavirus sent the world’s population to work from home and boosted the importance of Azure and the need for reliable and secure networking.What does our group do?
Since Azure is one of the largest networks in the world, we have a critical impact on billions of people. This requires us to develop innovative solutions that can handle the scale and speeds of today’s world, with extended focus on reliability and quality. Our group has two missions. One, is building security solutions within the Azure network to protect organizations’ data in the cloud. The other mission is to build new infrastructure and services, leveraging the hardware to accelerate and scale-up the Azure network.A Tech Tale of two cities
In Tel-Aviv we have our cyber security hub where we focus on Network Security, whereas in Haifa we have our hardware experts and Kernel developers who work on Host Networking - focusing mainly on hardware offloading.Firewall for all
One of our projects is building Azure Firewall. It’s a cloud-based Firewall that protects workloads in Azure and in organizational networks. It is built to be a “best for Azure” offering, baked into the infrastructure, providing with the fastest, simplest, and most cost-effective solution for protecting resources in the Azure environment (virtual machines, databases, containers, etc.). The team in Tel-Aviv is leading the development of Firewall Premium, a security-oriented product which includes vital features for large Enterprise customers such as TLS termination, IDPS, Web categories, DLP and Malware detection.When DDoS meets cloud
Azure is a massive network with millions of Public IPs; this makes DDoS attacks a constant daily threat and dealing with them is critical to ensure that Azure is operating well, maintaining the products and services we provide to our customers at high quality and availability. Therefore, our Tel-Aviv team is working on Azure DDoS Protection. They’re entrusted with writing the new DDoS mitigation engine that will monitor all Azure traffic across the globe, identify threats in real-time and defend against such attacks, which can reach bandwidths of several Tbps.Oh, this is smart!
A major project that we’re working on in Haifa is the Smart NIC, where the team is developing a new FPGA-based Network Interface Card that will be incorporated into next-gen Azure servers throughout the world. This strategic project will make it possible to continue the massive growth of Azure by offloading network and storage management off the host to dedicated hardware, supporting greater network throughput, enabling proprietary features, and reducing cost. This will boost the profitability and efficiency of the cloud infrastructure.Accelerating the Azure network
Another way to leverage the use of hardware in the cloud is to accelerate various networking functionalities. At the scale of Azure, there are some things you simply cannot do without hardware offloading. This is exactly what we, as a team, are trying to do. The team’s first mission is developing a traffic mirroring service called Virtual TAP (or VTAP) for duplicating customer traffic at line-speed, with 100% reliability and immune to any malicious 3rd party actors. This traffic can then be sent to security services for real-time alerting and analytics.Mission Impossible?
There’s a famous saying in Azure: “At the scale of Azure, the improbable happens every day and the impossible happens every week”. We keep studying Azure, figuring out what it means to build a network of this incredible scale. It is a humbling endeavor for us to create services that can handle the complexity of this network, which carries so much of the world’s traffic. Our challenge is to keep developing Azure to be the world’s most powerful and reliable cloud.Are we still recruiting?
Yes. We’re looking for more talent. Hardware and software people, juniors and seniors, to work in Tel-Aviv or Haifa, people who want to influence and develop something that’s essential in the lives of billions of people. So, if you enjoy the accountability for critical services, if you love this field and if you’re curious and have in-depth knowledge of these complex systems, here’s a chance to do something extraordinary and be part of the biggest thing Microsoft is building.