DoD IL5 scope expands to all Azure Government regions

When supporting IL5 workloads on Azure Government, you can meet the DoD isolation requirements in different ways. The isolation guidelines for IL5 workloads documentation page addresses configurations and settings for the isolation required to support IL5 data and workloads.

With detailed instructions per service, this documentation page will be maintained to provide updated guidance on each of the services available in Azure Government at IL5 (read: we recommend bookmarking this page).

Expanded service availability at IL5

One of the many net-new capabilities this expanded coverage provides is deploying workloads on GPU-enabled VMs. For example, you can use the NV24 hardware. The NV-series enables powerful remote visualization workloads and other graphics-intensive applications backed by the NVIDIA Tesla M60 GPU.

When deployed, specific VM types consume the entire physical host for that VM. These VMs provide the necessary level of isolation required to support IL5 workloads when deployed outside of the dedicated DoD regions.

Current VM SKUs that offer necessary compute isolation as of April 19, 2019

Another example of expanded service availability is around services such as Azure SQL and Azure Storage across all Azure Government regions. With the capability of using customer managed keys for encryption at rest, these services can be utilized from any of the Azure Government regions at IL5.

As a reminder, Storage Service Encryption with customer managed keys uses Azure Key Vault, providing highly available and scalable secure storage for RSA cryptographic keys. Key Vault streamlines the key management process and enables customers to maintain full control of keys used to encrypt data, manage, and audit their key usage.

Watch the video

In this episode of the Azure Government video series, Steve Michelotti, Principal Program Manager, Azure Government, sits down with Zach Kramer, Principal Group PM Manager, Azure Government, to discuss the IL5 expansion in Azure Government.

Zach shows the documentation guidance for IL5 workloads, along with a demo of how easy it is to use numerous Azure services – regardless of the Azure Government region – in compliance with IL5 standards. You’ll also learn some encryption best practices for your data, including how to separate it and manage the keys effectively, helping the IL5 mission owner stay in control of their data.

Learn more

The isolation guidelines for IL5 workloads documentation page addresses configurations and settings for the isolation required to support IL5 data.

As mentioned above, we recommend bookmarking this page as we’ll be updating it on a regular cadence to add new options for isolation and add new services that have made it through the DoD approval process. This will enable you to build numerous applications with high-order capabilities, whether it’s robust types of virtual machines, different high-level services like Azure Functions, or other mission-critical services for your Impact Level 5 workloads.