Choose the Right Azure Region
Author: Tan Hassan
Published: November 6, 2024
Selecting the right Azure Region is a pivotal decision that directly influences the success of an organisation’s cloud infrastructure. In this post, I’ll walk you through the key factors to consider when choosing an Azure region, share a real-world success story where I applied these strategies to help a finance company scale their operations globally, and provide you with valuable resources to guide your own decisions. Don’t miss out on insights that could elevate your cloud strategy to the next level!
Section 1: Azure Region Selection
What is Azure Region?
An Azure region refers to a geographic area that contains one or more physical Azure Datacentres. These Datacentres are positioned within a defined latency boundary to ensure optimal performance and robust security for users. Microsoft Azure has over 60 regions worldwide and each Azure region has specific characteristics. Azure Regions are used to provide cloud services to businesses and allow them to deploy resources closer to their customers.
Why Does Choosing the Right Azure Region Matter?
As organizations grow and expand their digital footprint, selecting the right Azure region becomes a critical decision that directly impacts performance, compliance, and cost. Whether you’re a startup or an established business, understanding how to choose the most suitable Azure region can optimize your operations and future-proof your infrastructure. Let’s explore this further.
1. Business Requirements: Azure offers a vast array of regions, each with its own characteristics. Before deploying applications and services on Azure, it is crucial to assess the business requirements first.
2. Impacts: Poor decisions on selecting the right region can result in legal risks, performance issues and higher costs.
3. User Experience: The chosen region may not offer all the services required to run the application stack, resulting in a poor end-user experience.
4. Time-To-Market: Selecting the wrong region may increase deployment time and lengthen the time it takes to bring a product or service from the idea stage to market launch, leaving the business behind its competitors.
5. Reputation: All of the above can jeopardize the brand’s reputation.
How to Select the Right Region?
When you design your strategy to use Microsoft Azure, you can choose from many Azure regions around the world. Region selection is a key part of your overall cloud adoption strategy. Each Azure region has specific characteristics, so it’s essential to choose the best regions for your Azure resources. You might be thinking, how hard can it be? Why not just choose the region closest to your users? Well, it’s not that simple. I’ll guide you through the process step by step, and by the end, you’ll understand why.
Let’s explore the key considerations using a real-world scenario when selecting an Azure region.
1. Ensure Compliance
Compliance is the process of ensuring that an organization’s security practices, policies, and controls meet the standards set by regulatory agencies, industry associations, and standards bodies. Here are some key compliance considerations.
Regulatory Requirements: Many countries and industries, such as Government, healthcare or finance, have strict laws regarding where data must be stored and processed. Choosing a region that complies with these local regulations, like GDPR in the UK and Europe, ensures that you avoid hefty fines and legal risks. For example, Azure Government Regions are created specifically for the US government.
Data Privacy: Certain industries require that sensitive data, such as medical records and financial data, remain within a specific geographical region. A wrong region choice can lead to data breaches or non-compliance issues.
Security Measures: Security is also crucial for protecting sensitive customer data, including payment information. Choosing a region that offers enhanced security features will further safeguard the company’s operations.
2. Check Service Availability and Capacity
The services you can deploy in a region depend on the region’s type, among other factors. It is essential to check Azure product availability by region to confirm that the region offers all the products your application services require. As shown in the image below, the ‘Azure AI Services: Azure OpenAI Service’ is not available in Australia Southeast at the time of writing this post. Similarly, not all services are available in every region.
You can download the product availability list by region from this URL: https://azure.microsoft.com/en-au/explore/global-infrastructure/products-by-region/.
Azure is a massively scalable platform, but each region has a maximum capacity. A region’s maximum capacity can affect which types of subscriptions can deploy what types of services and under what circumstances. Regional capacity is different from a subscription quota. If you’re planning a deployment or migration to Azure, it’s a good idea to speak with your local Azure field team or your Azure account manager. Ask for confirmation that you can deploy at the scale that you need.
When you use regions for disaster recovery purposes, consider whether the destination region provides the capacity that you need to support your workloads. For workloads that are based on virtual machines (VMs), consider using capacity reservations to guarantee the availability of capacity in the regions that you use. You can also consider an on-demand capacity reservation, which is different from a reserved instance. For more information visit: https://learn.microsoft.com/en-us/azure/virtual-machines/capacity-reservation-overview.
3. Plan for High Availability (HA) and Disaster Recovery (DR)
Downtime is not an option for businesses relying on 24/7 uptime, such as e-commerce platforms. Disaster recovery and high availability are essential considerations when choosing an Azure region.
What is HA?
HA ensures that a system remains operational with minimal downtime during regular use. It focuses on eliminating single points of failure by running multiple nodes, using redundancy and clustering, and using failover techniques. The goal is to provide continuous service, usually with a Service Level Agreement of 99.9% uptime or higher.
What is DR?
DR is focused on restoring services after a significant failure, such as a natural disaster, hardware failure, or cyberattack. It involves backups, replication, and DR sites to recover data and restore systems. DR is concerned with minimizing the time to return to normal operations, often measured with the Recovery Time Objective, which is the time it takes to restore the service, and the Recovery Point Objective, which is how far back in time the service can be restored from.
How Do High Availability (HA) and Disaster Recovery (DR) Impact Region Selection?
HA and DR are driven by blast radius requirements, Recovery Time Objective (RTO) and Recovery Point Objective (RPO), cost-effectiveness, and performance optimization.
If the blast radius for a business is over 50 km and they want to minimize costs while requiring lower RTOs, we can select a single region with multiple Availability Zones (AZs). In this scenario, the HA workload can be deployed across two or more AZs, while the DR workload can be protected between the AZs.
If a business wants to protect its workload against region-wide disasters, such as earthquakes and extreme weather, then multiple regions should be selected. The use of more than one AZ may or may not be necessary. In this case, it is essential to ensure that the region has a paired region. Some Azure services support cross-region replication, which automatically replicates data to a secondary region. For example, Geo-Redundant Storage is one such service.
Note that not all Azure regions have a paired region or availability zones. Take a look at the images below.
Azure Regions without a paired region.
Azure Regions with Availability Zones.
For more information about availability zone service and regional support visit: https://learn.microsoft.com/en-us/azure/reliability/availability-zones-service-support.
4. Consider Region Proximity
Users or services that need to access your Azure services might reside in various geographies globally. Similarly, your Azure services might need to consume services from external sources that are located in various geographies. Or your services might need to connect to your on-premises systems.
Proximity is an important factor to consider when you select an Azure region. If you use Azure ExpressRoute to connect to your on-premises systems, you can optimize network connectivity and reduce latency by using a region that’s close to your on-premises systems. Subsequent connections between Azure regions use the high-speed Microsoft global network.
5. Evaluate Latency
Latency directly affects how fast your application responds to user requests. If you’re deploying a real-time application, like a financial trading platform or a video conferencing app, latency is critical. Low latency leads to faster response times, making the application feel smoother for end-users. Let’s delve into evaluating latencies.
Round-trip Latency
Azure provides round-trip latency figures between regions. This is a 30-day figure in milliseconds. Azure network round-trip latency statistics can be found here: https://learn.microsoft.com/en-us/azure/networking/azure-network-latency?tabs=Americas%2CWestUS.
There’s a community-developed Azure Latency Calculator to measure Azure network latency, download, and upload speeds across multiple global locations. Here is the link: https://www.azurespeed.com/Azure/Latency.
Branch-to-Azure Latency
There’s a community-developed Branch-to-Azure Speed Test Tool AzureSpeedTest. You will need to run this tool from the target branch. Once you run the tool and receive the result, make sure it meets business requirements.
6. Assess Connectivity Requirements to Azure
There are multiple ways to connect to Azure infrastructure from an on-premises environment, each with its own benefits. Let’s explore each option.
Azure VPN
A good choice for moderate bandwidth and latency, and if you’re comfortable with data travelling over the public internet. Azure VPN is also cheaper than ExpressRoute and is suitable for small organizations.
ExpressRoute and VPN failover
You can combine ExpressRoute with VPN failover to get the higher bandwidth of ExpressRoute and highly available network connectivity.
Azure Virtual WAN
A good choice for clients with a global reach who need a higher level of options. It can link branch offices, IoT devices, and virtual desktops.
Azure ExpressRoute Direct
ExpressRoute Direct is a good choice for large-scale active-active connectivity and for physical isolation in regulated industries. It provides dual 100 Gbps or 10 Gbps connectivity; however, it is a very expensive service and requires full management. It is recommended for regulated industries and service providers. Here is the price difference between ExpressRoute with Service Providers and ExpressRoute Direct.
Azure ExpressRoute with Service Providers
A better option for high bandwidth, low latency, and secure data transmission. ExpressRoute is a private connection between your on-premises infrastructure and Azure Datacentres that integrates with a service provider using a virtual connection. It’s a good choice for critical business operations and government entities.
When selecting ExpressRoute with service providers, it’s important to evaluate the latency between the branch and the nearest providers. If the customer’s Datacentre is on-premises rather than in a co-location facility, ensure that there’s a Megaport Point-of-Presence nearby. If not, an alternative solution may be needed. You can verify this by visiting the Megaport website.
Megaport Distance Calculator: https://www.megaport.com/megaport-enabled-locations/?locationId=3.
Megaport latency Calculator: https://www.megaport.com/network-latency/?country=USA&locationId=56.
For example, let’s consider Megaport and our Sydney office. If you take a look at the image below, you can see that the nearest Megaport Point-of-Presence (PoP) is less than 1.3 km away, which is in close proximity.
7. Assess Connectivity Across Geographies
Refer to the Azure Regional Map to determine the closest regions. For example, if you are expanding from Australia to the U.S., identify the nearest regions, or if expanding from the U.S. to Canada, check which regions are closest.
Azure Region Map.
8. Weigh Pricing and Costs
Azure services vary in cost depending on the region. Factors such as local taxes, energy prices, and demand affect the pricing structure. For global businesses, it’s important to compare costs across multiple regions to maximize budget efficiency.
Regional Pricing Variations
Different regions have varying pricing, so it’s important to select a region that balances performance and cost.
Here’s an example of Virtual Machine price across regions.
Data Transfer Cost
Azure charges for data transfer between regions and across continents. Minimizing data movement is essential to control expenses.
Azure Bandwidth refers to data moving in and out of Azure Datacentres, as well as data moving between Azure Datacentres; other transfers are explicitly covered by the Content Delivery Network, ExpressRoute pricing, or Peering. Azure bandwidth pricing tables can be found here: https://azure.microsoft.com/en-us/pricing/details/bandwidth.
9. Conclusion
Selecting the right Azure region is all about finding the right balance between performance, compliance, cost, and growth. For businesses expanding into new markets, it’s important to assess each factor based on the specific needs of your workload. By taking the time to carefully plan and choose the right region, businesses can ensure their Azure infrastructure delivers optimal performance while meeting compliance and security requirements.
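The considerations above can be applied as a repeatable screen: hard requirements (data residency, service availability, availability zones, paired region, latency limit) reject a region, and the survivors are ranked by cost. The following is an added example, not part of the original post. The region names, services, latency and cost figures are constructed placeholders, and the field names `metadata.geography`, `metadata.pairedRegion` and `availabilityZoneMappings` are assumed to match the output of `az account list-locations -o json`.

```python
import json

# Constructed sample in the shape of `az account list-locations -o json`.
# Region names and all values are placeholders, not facts about real regions.
ZONES = '[{"logicalZone": "1"}, {"logicalZone": "2"}, {"logicalZone": "3"}]'
LOCATIONS = json.loads("""[
 {"name": "region-a", "metadata": {"geography": "Australia", "pairedRegion": [{"name": "region-e"}]},
  "availabilityZoneMappings": %(z)s},
 {"name": "region-b", "metadata": {"geography": "Australia", "pairedRegion": [{"name": "region-c"}]}},
 {"name": "region-c", "metadata": {"geography": "Australia", "pairedRegion": []},
  "availabilityZoneMappings": %(z)s},
 {"name": "region-d", "metadata": {"geography": "United States", "pairedRegion": [{"name": "region-x"}]},
  "availabilityZoneMappings": %(z)s},
 {"name": "region-e", "metadata": {"geography": "Australia", "pairedRegion": [{"name": "region-a"}]},
  "availabilityZoneMappings": %(z)s}
]""" % {"z": ZONES})

# Constructed per-region inputs: services from the products-by-region list,
# latency measured from the branch, and a monthly cost estimate.
ALL = {"vm", "storage", "openai"}
FACTS = {
    "region-a": {"services": ALL, "latency_ms": 12, "monthly_cost": 100},
    "region-b": {"services": {"vm", "storage"}, "latency_ms": 20, "monthly_cost": 95},
    "region-c": {"services": ALL, "latency_ms": 15, "monthly_cost": 90},
    "region-d": {"services": ALL, "latency_ms": 180, "monthly_cost": 80},
    "region-e": {"services": ALL, "latency_ms": 30, "monthly_cost": 90},
}
REQUIREMENTS = {
    "allowed_geographies": {"Australia"},   # data residency constraint
    "required_services": ALL,
    "need_zones": True,                     # HA across availability zones
    "need_paired_region": True,             # DR against a region-wide failure
    "max_latency_ms": 50,
}

def screen(locations, facts, req):
    """Return (accepted, rejected); rejected maps region name -> list of reasons.
    Missing data fails closed: an unknown fact rejects the region."""
    accepted, rejected = [], {}
    for loc in locations:
        name, meta, f = loc["name"], loc.get("metadata", {}), facts.get(loc["name"], {})
        reasons = []
        if meta.get("geography") not in req["allowed_geographies"]:
            reasons.append("data residency: geography not allowed")
        missing = sorted(req["required_services"] - set(f.get("services", ())))
        if missing:
            reasons.append("missing services: " + ", ".join(missing))
        if req["need_zones"] and not loc.get("availabilityZoneMappings"):
            reasons.append("no availability zones")
        if req["need_paired_region"] and not meta.get("pairedRegion"):
            reasons.append("no paired region")
        latency = f.get("latency_ms")
        if latency is None or latency > req["max_latency_ms"]:
            reasons.append("latency unknown or above limit")
        if reasons:
            rejected[name] = reasons
        else:
            accepted.append(name)
    # Rank survivors by cost, then latency; an unknown cost sorts last.
    accepted.sort(key=lambda n: (facts[n].get("monthly_cost", float("inf")), facts[n]["latency_ms"]))
    return accepted, rejected

if __name__ == "__main__":
    ok, bad = screen(LOCATIONS, FACTS, REQUIREMENTS)
    print("candidates:", ok)
    for region, why in bad.items():
        print(region, "rejected:", "; ".join(why))
```

Keeping the rejection reasons alongside the shortlist gives an auditable record of why a cheaper or closer region was ruled out.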
Section 2: Real-Life Example
In my recent engagement with a major finance organisation, I was tasked with the strategic expansion of their brownfield Azure Landing Zone to incorporate their newly acquired business operations across the U.S., U.K., and Europe. This endeavour involved a comprehensive assessment of their existing cloud architecture, compliance requirements, and operational needs to ensure seamless integration and optimal performance.
As part of my evaluation, I applied the above considerations including network latency, data residency requirements, service availability, and cost implications associated with different Azure regions. The findings from this assessment highlight critical considerations that should inform your Azure region selection process.
This example can serve as a foundational reference for your next Azure region selection initiative, providing insights into best practices and technical considerations that can enhance your overall cloud strategy.
Latency Assessment
Region Assessment
Cost Comparison
Regions on the Internet Map
Section 3: Valuable Resources
Azure Globe
Azure Globe is a visual representation of Microsoft Azure’s global infrastructure, showcasing the various regions, availability zones, and the overall network of Datacentres that support Azure services. It serves as a helpful tool for users to understand Azure’s global reach and the geographic distribution of its cloud resources.
Key Features
- Interactive Visualization: Azure Globe provides an interactive map where users can explore Azure regions and availability zones. This visual representation allows users to see the physical locations of Azure Datacentres worldwide.
- Region Information: Users can click on different regions to access detailed information about each Azure region, including the available services, compliance certifications, and latency details. This helps businesses decide where to host their applications based on proximity to users and service availability.
- Availability Zones: The globe highlights Azure availability zones within each region, emphasizing Azure’s commitment to high availability and disaster recovery. Each availability zone is a separate physical location within a region that can provide redundancy and fault tolerance.
- Global Connectivity: Azure Globe illustrates how Azure Datacentres are interconnected, showcasing the global network that supports services such as content delivery, data replication, and multi-region applications.
- Service Deployment Planning: Organizations can use Azure Globe to plan the deployment of their resources, ensuring compliance with data residency requirements and optimizing performance by selecting the most appropriate regions for their workloads.
Benefits of Using Azure Globe
- Enhanced Decision-Making: By visualizing Azure’s global infrastructure, businesses can make informed decisions about where to deploy their applications and services based on user locations, compliance needs, and performance requirements.
- Improved Understanding of Azure’s Reach: Azure Globe helps users appreciate the extensive reach of Azure’s cloud services and how they can leverage this infrastructure for global business operations.
- Planning for Compliance and Redundancy: Understanding the geography of Azure’s infrastructure helps organizations ensure compliance with local regulations and plan for redundancy in their deployments.
Azure Globe URL
https://datacenters.microsoft.com/globe/explore/.
Azure Sovereign Regions
Some regions are dedicated to specific sovereign entities. Although all regions are Azure regions, these sovereign regions are isolated from the rest of Azure. Microsoft doesn’t necessarily manage them, and they can be restricted to certain types of customers. These sovereign regions are Azure China 21Vianet and Azure Government - US. Sovereign regions are built to the same standards of resiliency as other Azure regions.
- Azure China 21Vianet: Microsoft Azure operated by 21Vianet (Azure in China) is a physically separated instance of cloud services located in China. It’s independently operated and transacted by Shanghai Blue Cloud Technology Co., Ltd. (“21Vianet”), a wholly owned subsidiary of Beijing 21Vianet Broadband Data Center Co., Ltd. Users accessing Azure China will use a different portal.
  Azure Portal: https://portal.azure.cn.
- Azure Government - US: Azure Government delivers a dedicated cloud enabling government agencies and their partners to transform mission-critical workloads to the cloud. Azure Government services can accommodate data that is subject to various US government regulations and requirements. To provide you with the highest level of security and compliance, Azure Government uses physically isolated Datacenters and networks located in the US only. Compared to Azure Global, Azure Government provides an extra layer of protection to customers through contractual commitments regarding the storage of customer data in the US and limiting potential access to systems processing customer data to screened US persons. You will need to sign up to Azure Government - US before logging in to the portal.
  Sign up here: https://usgovintake.embark.microsoft.com/.
  Azure Portal: https://portal.azure.us.
Azure Datacentre Locations
Azure Datacentre Locations refer to the physical sites where Microsoft Azure’s cloud services are hosted. These Datacentres are spread across various geographic regions worldwide and are critical for providing scalable, reliable, and secure cloud services to customers. Each Azure Datacentre is equipped with the necessary infrastructure to support various Azure services, including computing, storage, networking, and databases.
The current list of Azure Datacentres and their address can be found here: https://www.datacenters.com/providers/microsoft-azure/data-center-locations.
Azure Region Pairs
While Azure regions are designed to offer protection against local disasters with availability zones, they can also provide protection from regional or large-geography disasters through disaster recovery that makes use of a secondary region with cross-region replication. The primary and secondary regions together form a region pair. For more information visit: https://learn.microsoft.com/en-us/azure/reliability/cross-region-replication-azure.
Performance Efficiency Checklist
Performance Efficiency Checklist presents a set of recommendations for you to scale your system so it can grow and meet your workload usage demand. The goal of performance is to maintain the efficiency of every interaction with a healthy system as demand increases. When you design and implement for performance, focus on the efficiency and effectiveness of cost, complexity, supporting new requirements, technical debt, reporting, and toil. Here is the checklist: https://learn.microsoft.com/en-us/azure/well-architected/performance-efficiency/checklist.
Recommendations for Performance Testing
Performance testing helps you evaluate the functionality of a workload in various scenarios. It involves testing the workload’s response time, throughput, resource utilization, and stability to help ensure that the workload meets its performance requirements.
Testing helps to prevent performance issues. It also helps ensure that your workload meets its service-level agreements. Without performance testing, a workload can experience performance degradation that is often preventable. Workload performance can drift from performance targets and established baselines. For the end-to-end guidance visit: https://learn.microsoft.com/en-us/azure/well-architected/performance-efficiency/performance-test.
Final Thoughts
In summary, choosing the right Azure region is not a one-size-fits-all decision. Each business has unique needs, and careful consideration of factors such as latency, compliance, and pricing can make all the difference. Use the steps outlined in this post and the valuable resources, along with the lessons learned from real-world examples, to make an informed decision that will help your business thrive in a global cloud environment.