How to Use AWS Storage for On-Premises File-Based Applications

S T G 2 1 1 How to use AWS storage for on-premises file-based applications

Prashanth Bungale Smitha Sriram Senior Product Manager Senior Product Manager Amazon Web Services Amazon Web Services

Growing infrastructure costs

Storage and compute capacity limits

Ongoing management overhead

… then you’ve come to the right session! Agenda

Introduction AWS file and hybrid cloud storage services Example use cases Summary and Q&A Files are everywhere!

3 Challenges of managing file storage on-premises

Managing hardware Managing software

• Periodically procuring and purchasing hardware • Setting up storage servers and volumes • Detecting and addressing hardware failures • Investing CapEx © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Portfolio of AWS’s file and hybrid cloud storage services

Amazon FSx for AWS Storage Amazon FSx for Amazon EFS Windows File Server Gateway (File) Lustre

Fully managed native NFS/SMB access to Fully managed high- Fully managed NFS file Windows file systems objects in Amazon S3 performance file system system for Linux-based integrated with Amazon general-purpose Deeply integrated Low-latency access S3 and optimized for file workloads with AWS with local caching compute-intensive workloads Highly available and Integration with AWS highly durable for management

High performance VMware ESXi, Microsoft Hyper-V, AWS Transfer Enterprise-ready Amazon EC2, and for SFTP security and hardware appliance Fully managed SFTP options compliance service for Amazon S3 Cost-effective HA (VMware with NEW! Shared Storage) Two AWS offerings we will focus on today Lift-and-shift your file data to the cloud Store and access Amazon S3 objects as files

Amazon FSx for Windows File Server AWS Storage Gateway (File)

✓ Fully managed service ✓ NFS/SMB access to objects in Amazon S3

✓ Native file system (full NTFS/SMB compatibility ✓ Low-latency access to S3 data with local caching and fully featured) ✓ Deployment options (VM and hardware) ✓ Highly available (Single-AZ and Multi-AZ) ✓ Highly available (VMware with shared storage) ✓ Performance: Up to 10+ GB/s throughput and millions of IOPS ✓ Performance: Up to ~500 MB/s local (cached) and up to ~125 MB/s network throughput ✓ Cost-effective ✓ Cost-effective ✓ On-premises access (multiple writers/readers) ✓ On-premises access (single writer and multiple readers to same data) Seamlessly transition to cloud-backed shares on AWS Migrate your on-premises file shares without disruption to applications and end users

Use existing Support existing Rich set of Active Directory enterprise features deployment options

Maintain security Provide broad and compliance accessibility Benefits of cloud migration File Gateway and Amazon FSx enable you to leverage AWS for a broad variety of needs

Global availability Unlimited cloud Storage and and scalability storage archival options

AWS

Integrated Reliability and Single point of Disaster recovery durability management options © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon FSx for Windows File Server Store and access files in fully managed, native Windows file systems

On-Premises AWS Cloud

SMB

Application

• Fully managed native Windows file systems based on NTFS, accessible via SMB • Highly available and highly durable, and offers multi-AZ deployment option Features • High performance – Sub-ms latency, 10+ GB/s throughput, and millions of IOPS • Security and compliance – Active Directory integration, ACLs, encryption at-rest and in-transit, and compliances Amazon FSx | Fully managed, native AWS service

• Automatically provisions, sets up, configures, and optimizes file system infrastructure • Provides fully managed high availability and high durability

- Continually monitors and addresses hardware failures

- Replicates data within an Availability Zone (AZ)

- Provides a one-click Multi-AZ deployment option, with data replication and automatic failover across AZs • Automatically keeps Windows software up to date • Takes daily automatic backups and applies retention policy Amazon FSx | High-performance, native file service

• Provides NTFS-based file storage backed by native Windows file server, ensuring full application compatibility • Fully supports SMB protocol (all current versions – 2.0 thru 3.1.1) • Provides the low latency, and high throughput and IOPS, that file-based applications need

- < 1 ms latencies for in-AWS access

- Up to 3 GB/s of throughput and hundreds of thousands of IOPS per file share with direct file server access

- Up to 10+ GB/s of throughput and millions of IOPS per file share with client-side caching Amazon FSx | Storage pricing (per GB-month)

Single-AZ Multi-AZ

SSD-based storage

COMING SOON! HDD-based storage

Note: Based on Amazon FSx for Windows File server pricing in US East (N. Virginia) Amazon FSx | Storage pricing with data deduplication (per GB-month)

Single-AZ Multi-AZ

SSD-based storage

COMING SOON! HDD-based storage

Typical savings from deduplication for general file shares is 50%-60%

Note: Based on Amazon FSx for Windows File server pricing in US East (N. Virginia) Amazon FSx | Designed for a wide spectrum of use cases… NAS lift-and-shift

Home Line-of-business Web serving and directories applications content management

NEW! NEW!

Software Backup and HA SQL Server development disaster recovery databases environments Amazon FSx | Designed for a wide spectrum of use cases… Cloud-native workloads

Media Analytics HPC workflows

Dev and test SaaS applications environments Amazon FSx | … whether in-cloud or on-premises …

… with multiple readers and writers across multiple in-cloud or on-premises locations Amazon FSx | Options for integrating with Active Directory Integrate your existing directory for authentication and access authorization

On-premises or AWS Managed in-cloud self-managed Microsoft AD Active Directory Amazon FSx | Support for existing enterprise features Continue to support existing features for your applications and end users

• File locking and leasing for local caching • File- and folder-level Access Control Lists (ACLs) • Share-level access controls and configuration • User sessions and open files management • File-level restore by end-users (shadow copies) • User storage quotas NEW! • Backup retention policies • DFS namespaces Amazon FSx | Rich set of deployment options Simple to create and scale across availability zones in minutes

COMING SOON!

SSD storage HDD storage

NEW! Single-AZ Multi-AZ

Select throughput level that best fits your needs independently of storage Amazon FSx | Security and compliance

Data encrypted Integrates with Network traffic access at rest and in transit your organization’s AD control using Amazon and supports VPC security groups Option to enforce NEW! Windows ACLs encryption in transit

Admin API Monitor and log PCI-DSS + ISO- access control API calls using + SOC + GDPR compliant using AWS Identity and AWS CloudTrail and HIPAA eligible Access Management (IAM) Amazon FSx | Broad accessibility

Microsoft Windows VPN AWS Direct Server 2008+ and Amazon EC2 Amazon WorkSpaces Connect Windows 7+

Linux VMware Cloud Amazon VPC Peering AWS Transit (SMB client) on AWS AppStream 2.0 Gateway

MacOS On-premises In-VPC access compute instance Amazon FSx | AWS integrations

Amazon IAM AWS KMS Amazon AWS AWS AWS Direct Amazon VPN Amazon FSx VPC CloudWatch CloudTrail CloudFormation Connect

Integrations

Amazon VMware Cloud AppStream 2.0 Amazon Amazon AWS Management AWS CLI AWS Directory EC2 on AWS WorkSpaces ECS Console Service FSx for Windows File Server Pace of Innovation NEW! Multi-AZ deployment option FSx in Asia Pacific (Singapore) HA SQL Server deployments NEW! FSx in Europe (Stockholm) User quotas NEW! FSx in US West (N. California) SOC compliance NEW! Programmatic share mgmt. FSx in Europe (Frankfurt) Direct integration with self- FSx in LA NEW! FSx in Asia Pac. (Tokyo, Sydney) managed/on-premises AD Local Zone HDD storage re:Invent 2018 – GA Launch re:Invent 2019 COMING Today Shared AWS SOON! Managed Microsoft AD CloudWatch support NEW! Restore Support for Data Deduplication metrics DX & VPN access Shadow Copies / activity on Lower minimum size NEW! integration Inter-VPC/ File-level files locked (32 GiB) account/ Restore by inactive Region access Enforcement of in-transit NEW! users encryption © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWS File Gateway for Amazon S3 Store and access objects in Amazon S3 from file-based apps with local caching

On-premises AWS Cloud Amazon analyze Athena

NFS/SMB HTTPS archive Any Amazon S3 storage class On-premises File Storage Amazon S3 applications Gateway Gateway process AWS service Lambda

• Low-latency cached access to data in Amazon S3 Features • Support for NFS (POSIX) and SMB file shares (Windows NTFS ACLs) • One-to-one mapping between files and objects in S3 File Gateway | Use cases Provides on-premises access to virtually unlimited cloud storage

Move on-premises Process file data generated Provide low-latency access backups to the cloud on-premises using services to Amazon S3 for on- integrated with Amazon S3 premises applications

Backups for databases such Archive logs from on-premises Access to in cloud data lakes as Oracle and Microsoft applications SQL Server Data distribution across In-cloud analytics for data different on-premises Application and virtual generated on-premises environments machine backups (multiple readers) CI/CD pipelines spanning on- Target for third-party backup premises and AWS applications File Gateway | Storage and request pricing

Storage

Request capped at $125

Note: Based on AWS Storage Gateway pricing in US East (N. Virginia). File Gateway | Options for integrating with Active Directory Integrate your existing directory for authentication and access authorization

On-premises Active AWS Managed Directory Microsoft AD File Gateway | Deployment options Multiple options to deploy file gateway in your on-premises environment

Virtual machines Hardware appliance

Where When 22% price reduction NEW! File Gateway | Management options NEW! Control and monitor your on-premises gateway using the AWS Management Console File Gateway | AWS integrations

Amazon S3 AWS PrivateLink AWS Direct VMware Cloud AWS KMS AWS CloudTrail File Gateway Connect on AWS

Integrations IAM Directory Service CloudWatch AWS Management AWS CLI Console File Gateway | Security & compliance

encryption regulated workloads NTFS signing Access Control Lists (ACLs)

VPC endpoint (Powered by AWS logging PrivateLink) File Gateway | Broad accessibility

Microsoft and Linux OS, NFS and SMB client versions • Access the same data as files and as Amazon S3 objects • Make data accessible across multiple environments easily and efficiently File Gateway | Pace of innovation Available in all commercial AWS Regions and GovCloud US-West

NEW

On-premises backups Home directories Business-critical applications Content repositories File Gateway | On-premises backups Move backups into the cloud and free up on-premises storage capacity!

On-premises AWS Cloud

lifecycle NFS/SMB HTTPS Any Amazon S3 storage class

Amazon EC2 Application File Storage Amazon S3 hosted SQL Server or Gateway Gateway restore Database service Amazon RDS server

Reduce on-premises storage infrastructure used for backups Cost effectively meet retention requirements Benefits Easily integrate with Microsoft SQL Server, SAP, Oracle, HDFS and other applications Choose from options to restore on-premises or use Amazon EC2/Amazon RDS Amazon FSx | Home directories

AWS Direct On-premises Connect AWS Cloud or VPN

SMB

Migrate home directories transparently from users and apps Continue to use existing user identities, ACLs, user profiles, and share configurations Benefits Continue to offer rich feature support for end-users – previous versions, quotas Optimize TCO and eliminate ongoing infrastructure management overhead Amazon FSx | Hybrid business-critical applications

On-premises AWS Cloud On-premises Location 1 AWS Direct AWS Direct Location 3 Connect Connect or VPN or VPN

Application Application

On-premises On-premises Location 2 Location 4

Application Application Application

Provide highly available shared file storage for hybrid business-critical apps (e.g., ERP/CRM) Continue to offer compatibility and rich features for apps – file locking, file leasing for local caching Benefits Provide high throughput and IOPS to enable highly concurrent access Optimize TCO and eliminate ongoing infrastructure management overhead File Gateway | In-cloud content repositories Process, analyze, and access files quickly from distributed locations and scale capacity as needed! Cache Cache On-premises clean AWS Cloud refresh On-premises

AWS NFS/SMB HTTPS NFS/SMB Lambda for HTTPS in cloud processing Amazon Application File Application File S3 Gateway Gateway (read-only)

AWS AWS SFTP AWS DataSync Snowball

Leverage the broadest and deepest data processing, analytics, and ML capabilities in AWS

Benefits Globally access data from any on-premises location using multiple file gateways Centrally store and access both raw and processed data cost effectively © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. When to use | Amazon FSx and File Gateway for S3 Lift-and-shift your file data to the cloud Store and access Amazon S3 objects as files

Amazon FSx for Windows File Server AWS Storage Gateway (File)

✓ Fully managed service ✓ NFS/SMB access to objects in Amazon S3

✓ Native file system (full NTFS/SMB compatibility ✓ Low-latency access to S3 data with local caching and fully featured) ✓ Deployment options (VM and hardware) ✓ Highly available (Single-AZ and Multi-AZ) ✓ Highly available (VMware with shared storage) ✓ Performance: Up to 10+ GB/s throughput and millions of IOPS ✓ Performance: Up to ~500 MB/s local (cached) and up to ~125 MB/s network throughput ✓ Cost-effective ✓ Cost-effective ✓ On-premises access (multiple writers/readers) ✓ On-premises access (single writer and multiple readers to same data) Key takeaways | On-premises file-based applications

• Migrate file storage without disruptions and changes to your on-premises applications and users • Maintain existing workflows as is (post-migration) • Experience benefits of AWS services for your on-premises and in-cloud file- based applications • Regardless of your cloud adoption strategy or stage -- leverage AWS portfolio of file services for your file-based applications Related sessions

STG 201 AWS leadership session: Storage state of the union

STG 202 What’s new in AWS file storage

STG 305 Build hybrid storage architectures with AWS Storage Gateway

STG 306 Deep dive on Amazon FSx for Windows File Server

STG 362 Migrating Windows file servers to Amazon FSx

STG 238 File storage for business-critical applications

STG 324 Map and drive performance with Amazon FSx for Windows File Server

DAT 373 Data platform engg.: How Vanguard is migrating data to AWS Learn storage with AWS Training and Certification Resources created by the experts at AWS to help you build cloud storage skills

45+ free digital courses cover topics related to cloud storage, including:

• Amazon S3 • Amazon Elastic File System • AWS Storage Gateway (Amazon EFS) • Amazon S3 Glacier • Amazon Elastic Block Store • Amazon FSx for Windows File Server (Amazon EBS)

Classroom offerings, like Architecting on AWS, feature AWS expert instructors and hands-on activities

Visit aws.amazon.com/training/path-storage/

Prashanth Bungale Smitha Sriram linkedin.com/in/bungale linkedin.com/in/smitha-sriram-5889582