Azure Managed Disk
An Azure managed disk is similar to a physical disk that you would find in a physical on-prem server, but it's virtualized. It's a block level storage volume that's used with Azure VMs and is managed by Microsoft Azure.
For starters, managed disks are designed for 99.999% availability. That's five nines of availability. To achieve this level of availability, there are three replicas of the data stored on each managed disk. This type of durability protects you from not only one, but two failures of disk replicas.
Managed disks make it easy to deploy and scale VMs. Microsoft Azure allows up to 50,000 VM disks of a specific type per region in each subscription. This allows you to create thousands of virtual machines in one subscription. Because Azure supports so many disks, you can create VM scale sets that include up to 1000 VMs per set, provided you use a marketplace image.
Benefits to Managed Disk
Highly durable and available
Simple and scalable VM deployment
Integration with availability sets
Integration with Availability Zones
Azure Disk & Azure Backup Support
Azure managed disk offer four types of disk type
Premium SSDs (solid-state drives)
Standard HDDs (hard disk drives)
Azure Managed Disk Comparison
Azure Managed Disk support two types of redundancy
LRS - Locally-redundant storage (LRS) replicates your data three times within a single data center in the selected region
ZRS - Zone-redundant storage (ZRS) synchronously replicates your Azure managed disk across three Azure availability zones in the region you select. Each availability zone is a separate physical location with independent power, cooling, and networking.
Azure Managed Disk Encryption
Azure Managed Disk support three types of encryption available including Azure Disk Encryption (ADE), Server-Side Encryption (SSE) and encryption at host.
Azure Disk Encryption – ADE help us to protect and safeguard the data to meet the security and compliance commitment. ADE provide the volume encryption though bit locker and DM-Crypt.
Server-Side Encryption – it also referred to as encryption-at-rest or Azure Storage encryption) automatically encrypts data stored on Azure managed disks (OS and data disks) when persisting it to the cloud
Encryption at host ensures that data stored on the VM host is encrypted at rest and flows encrypted to the Storage service. Disks with encryption at host enabled are not encrypted with SSE