What is the difference between Azure Host Dedicated and Azure VM Isolation?

RnD0102 176 Reputation points
2020-01-09T12:23:16.133+00:00

Hi, can anyone please explain Azure Host Dedicated and Azure VM Isolation to me?

VM isolation: Azure Compute offers virtual machine sizes that are isolated to a specific hardware type and dedicated to a single customer.

Azure Dedicated Host provides physical servers that host one or more Azure virtual machines. Your server is dedicated to your organization and workloads—capacity isn’t shared with other customers. This host-level isolation helps address compliance requirements. As you provision the host, you gain visibility into (and control over) the server infrastructure, and you determine the host’s maintenance policies.

Questions (and please correct me if I have misunderstood):

  1. What is the meaning of "specific hardware type" for an isolated VM? Does the isolation only apply to one hardware resource such as CPU, RAM, or disk, based on the size of the VM family?
  2. And if an isolated VM = a dedicated server (all resources dedicated/not shared), based on the scalability that isolated VMs and Azure hosts have in common, what is the purpose of Azure host?
  3. To choose the right cloud computing service, when should I choose VM isolation, and when should I choose the Azure host?

Accepted answer
  1. Sam Cogan 10,077 Reputation points MVP
    2020-01-09T14:15:14.273+00:00

    An isolated VM is isolated due to the fact that the size of the VM happens to take up the whole of the underlying host, whereas a dedicated host is a host that is specifically for you, for your use only.

    This is an important distinction for two reasons:

    1. Isolated VMs could become non-isolated in the future as hardware changes and underlying hosts get bigger. We are seeing this right now with the D15_V2 VMs going from isolated to non-isolated in February 2020.
    2. A dedicated host is a host dedicated to you, onto which you can deploy any number of VMs of different sizes (up to the capacity of the host), whereas an isolated VM is just a single VM.

    There are also additional benefits of a dedicated host such as:

    • Control over maintenance and patching events on the host
    • Use of Azure Hybrid licence benefit

1 additional answer

  1. Bruce G 1 Reputation point
    2022-09-23T06:57:27.64+00:00

    Azure Host Dedicated:
    Microsoft Azure Dedicated Host allows customers to run their virtual machines on a dedicated host not shared with other customers. While in a regular virtual machine scenario different customers or tenants share the same hosts, with Dedicated Host, a customer no longer shares the hardware. The picture below illustrates the setup.

    With an Azure Dedicated Host, Microsoft wants to address customer concerns regarding compliance, security, and regulations, which could come up when running on a shared physical server. In the past, there was only one option to get a dedicated host in Azure. The option was to use very large instances like a D64s v3 VM size. These instances were so large that they consumed one host, and the placement of other VMs was not possible.

    To be honest here, with the improvements in machine placement, larger hosts, and with that a much better density, there was no longer a 100% guarantee that the host is still dedicated. Another thing regarding instances is they are extremely expensive, as you can see in the screenshot from the Azure Price Calculator.

    Azure VM Isolation:
    One of the primary benefits of cloud computing is the concept of a shared, common infrastructure across numerous customers simultaneously, leading to economies of scale. This concept is called multi-tenancy. Microsoft works continuously to ensure that the multi-tenant architecture of Microsoft Cloud Azure supports security, confidentiality, privacy, integrity, and availability standards.

    In the cloud-enabled workplace, a tenant can be defined as a client or organization that owns and manages a specific instance of that cloud service. With the identity platform provided by Microsoft Azure, a tenant is simply a dedicated instance of Azure Active Directory (Azure AD) that your organization receives and owns when it signs up for a Microsoft cloud service.

    Each Azure AD directory is distinct and separate from other Azure AD directories. Just like a corporate office building is a secure asset specific to only your organization, an Azure AD directory was also designed to be a secure asset for use by only your organization. The Azure AD architecture isolates customer data and identity information from co-mingling. This means that users and administrators of one Azure AD directory cannot accidentally or maliciously access data in another directory.
