For quite some time, Microsoft has been searching for the right approach to its sovereign cloud offering. Instead of just a limited, regulated public cloud variant, the company is now also scaling up Azure Local. With their own hardware, organizations can now scale up much further than before, while still using Microsoft’s cloud services. Does this make sense as a middle ground for sovereignty?
Azure Local was previously limited to 16 nodes per cluster. A single sovereign environment can now contain thousands of servers, even though Microsoft does not specify an exact number. The expansion is a clear move toward governments, critical infrastructure, and organizations in highly regulated sectors. They will feel sovereignty requirements most acutely, though increasing digital autonomy is desirable for all kinds of businesses. The question is whether Azure Local, in its scaled-up form, is the answer.
With the general availability of Azure Local in February, Microsoft had already introduced offline operations for isolated environments. Yesterday’s announcement adds scale, but limitations inherent to Azure Local remain. Consider the fact that proprietary hardware is still required—something the move to the cloud is meant to avoid—and not every server is compatible. Flexibility regarding network configurations is limited, especially after setting up Azure Local, while management and available applications impose restriction after restriction. Microsoft Fabric, Cosmos DB, and the Azure OpenAI Service are considered critical components for AI infrastructure within the Azure domain, but they are simply not available for this new sovereign environment.
Disaggregated architecture and new features
View this version of Microsoft Sovereign Private Cloud—as it is called in the announcement—primarily as a practical extension of Azure Local. It is not, in fact, an offering like Microsoft Sovereign Cloud or AWS European Sovereign Cloud. This is not a public cloud with private/sovereign restrictions, but an on-premises solution that is becoming more widely deployable.
That doesn’t mean it stops there. For instance, the update introduces a disaggregated architecture where compute and storage resources can be scaled independently of one another. SAN storage integration with partners such as Dell Technologies, HPE, Lenovo, and NetApp is now generally available after being released as a preview last November. Another new feature is that Local Identity with Azure Key Vault is now generally available, eliminating the need for Active Directory in isolated deployments.
Intel Xeon 6 processors provide the compute foundation with built-in AI support via Intel AMX. Microsoft implicitly views this as an alternative to extremely expensive GPU-based AI infrastructures. This allows organizations to perform AI inference and data-intensive analytics entirely within their own, sovereign infrastructure.
Kadaster and AT&T as customers
The Dutch Land Registry uses Azure Local to maintain sovereign control over sensitive government data. Maarten van der Tol, General Manager at the Land Registry, states: “As a government agency responsible for the most sensitive data in the Netherlands, we need infrastructure that gives us complete control over where our data is stored and how it is managed. Azure Local has been a consistent foundation in this regard.”
Outside the Netherlands, AT&T and the Italian company FiberCop are two other customers using Azure Local for mission-critical telecom infrastructure and edge locations, respectively. Sovereign Private Cloud deployments can scale from a single edge node to large enterprise data centers, running on hardware owned by the organizations themselves.