Colin Chaplin is a freelance Infrastructure Architect who helps large organisations transform Microsoft-based infrastructure.
Server Message Block (aka SMB), a file server protocol originally conceived in the 1980’s, is the network protocol we use every day. Later versions of SMB have moved the game on in terms of security and latency tolerance, but it’s not perfectly aligned to cloud technologies. It brings with it challenges including capacity, lack of metadata, and it is difficult to manage the data and collaborate with external partners. It’s an old technology and old problems come with it. As such, we need to consider how we do File services when moving to the cloud.
OneDrive for Business
Especially for personal data, OneDrive for Business is the natural product choice when moving to the cloud and included with most Office 365 offerings. It offers local-disk-speed access performance for files whilst syncing to Office 365 meaning the data is readily available on any device the user chooses. The SharePoint Onlinebackend means reporting and collaboration can be done like any SharePoint site.
The new sync client, currently in beta, provides more configuration options and improvements to reliability. My experience suggests it does what it says on the tin. As each OneDrive comes with a rather generous 1TB, it reverses a traditional capacity management problem where local storage is plentiful, cheap (but not backed up!) and fileserver storage is expensive, usually lacking – but safe and secure. You may need to consider what happens when users start reporting that their local hard drives/SSDs fill up! Outlook Web App and Outlook 2016also encourage users to upload and share a file via OneDrive for Business, rather than the anachronistic model of email-the-attachment-around.
The OneDrive store-locally and sync model, doesn’t work so well in scenarios where users may use a different computer every day, or a random session like Remote Desktop Services or Citrix XenApp. The OneDrive website is always an option, but if the user is creating and editing files, it is not the slickest experience. You might tailor this environment to suit OneDrive for Business with Personal Vdisks or Personal Virtual Desktops, which would therefore give you the repeat-use required for OneDrive to operate successfully. I’d bet on further product developments here, as the pace of developments is pretty impressive.
Data Loss Prevention
Combined with Office 2016, the Data Loss Prevention(DLP) ability offered with OneDrive for Business is a compelling feature for IT Pros. We’ve had DLP in Exchange for some time – you could tell Exchange to perform some action if it detects an email with a credit card number in it, for example. This idea has recently been expanded to OneDrive for Business. The game-changer here is that the compliance messages actually appear in the office application. It can turn the IT department from being ‘policemen’ to actual advisers, changing culture and bringing to life the messages that users are probably having to learn in corporate mandated data protection training CBTs! Perhaps like configuring an intrusion detection system, it would be best to start with logging, then warnings to fine tune your rule sets. You should make sure your security and compliance people understand the features offered here, because it really does offer a unique and very-necessary feature.
There is also a product called Azure Filesand at first glance this seems to be an ideal solution. It has the flexibility, availability and scalability we have come to associate with Azure. However, access permissions in the form of the traditional NTFS style permissions we know and love are currently not supported, so it’s not really suitable for our use…yet!
SharePoint is part of Office 365 and comes with generous capacity and much of the functionality of the on premise product. Many group file shares can be transformed into part of a team site, bringing with it the enhanced collaboration benefits provided by SharePoint.
Domain Joined Windows Servers in Azure
You could simply stand up a few domain-joined windows servers in Azure (maybe as a DFS-R node for resiliency). This would give you capacity on-demand and even multi-region availability. However, connecting to it over your site-to-site VPN or expressroute is likely to be slower than a traditional fileserver experience. This is because it’s likely the Azure datacentre is further away, thus latency is higher. Nevertheless, it would be possible to install local Branchcacheservers (ideally in your corporate offices) to act as caching servers, thus giving LAN access-speeds for most files.
There is an Azure solution that provides the local-cache/ cloud hosted configuration described, without having to go to the trouble of ‘rolling your own’ as described above. This is called ‘Storsimple’. The Storsimple device acts as an ISCSI target for an on premise server and has local disks. Data is fed to the Azure cloud, but the most frequently accessed data is cached on the device, with a number of sizes meaning locally held storage can range into the tens of TBs. Best of all, this all happens pretty transparently, meaning zero changes to how the users access the files, but bringing the benefits of effectively infinite and cheap storage.
This benefit is also a downside. We live in a multi-device world and persisting with SMB file access means there’s no convenient way to make files accessible and synced to phones, tablets and web browsers.
The overall best solution is likely to be a hybrid approach – put the data where it’s best suited. Perhaps you’ve got TBs worth of PST files on network shares (we all know it’s not supported, we all know it happens). The best solution here would be to stop users creating and growing PST files, then ship them on a disk to Microsoft and add them as Exchange Archive mailboxes. For its ability to present files on any device the user is using, and unique DLP features, OneDrive for Business makes a strong case. Many file shares may readily be transferrable to a SharePoint online team site. There will always be a requirement for some kind of traditional file server solution for some users and this is where Storsimple can assist.
What will your cloud file storage strategy be?