Generally Available: New Health Check infrastructure for Azure Traffic Manager

Azure Traffic Manager has introduced new health check infrastructure to improve the resiliency and scalability of the service. This infrastructure is now available, and customers are being moved onto the new infrastructure. The rollout of the new probing infrastructure delivers improved horizontal scalability and better reliability for Traffic Manager health checks. Guidance on Firewall Configurations Health probes from the new infrastructure originate from updated IP addresses. Most customers are already operating on the new platform. For environments where firewall rules have not been recently refreshed, the following options ensure health checks are allowed: 1. Preferred option (recommended): Configure firewall rules with the AzureTrafficManager [Service Tag](https://learn.microsoft.com/azure/virtual-network/service-tags-overview) in NSGs or Azure Firewall. Service Tags automatically include the latest health check IPs without requiring manual updates. * [How to use Service Tags with NSGs](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#use-service-tags-in-network-security-groups) * [How to use Service Tags with Azure Firewall](https://learn.microsoft.com/azure/firewall/service-tags) 2. If Service Tags are not feasible (e.g., custom appliances, non-Azure environments): * Manually update ACLs or firewall rules to allow the latest IP prefixes for AzureTrafficManager. The full list of IPs is available in the [Azure IP Ranges and Service Tags JSON file](https://www.microsoft.com/en-us/download/details.aspx?id=56519). * Firewall rules should be refreshed periodically to reflect the latest updates.