Amazon FSx
Juan José Díaz Antuña Lead of Cloud Solutions
Posted on 17 of March of 2022 .

Amazon FSx for Windows File Server

Amazon FSx is a fully managed cloud file storage service that offers a high degree of reliability and scalability. Amazon FSx for Windows is based on Windows Server and allows integration with Microsoft Active Directory, allowing you to create standard Windows ACLs for detailed access control at the file and folder level, all with access via the Server Message Block (SMB) protocol.

Supported clients

Amazon FSx supports connecting to your file system from a wide variety of instances and operating systems. For it, it allows access through the Server Message Block (SMB) protocol, versions 2.0 to 3.1.1.

The operating systems supported as a client are the following: Windows from 2008 and Windows Vista. Also, Linux systems with CIFS-UTILS. At the instance level, it supports a large number of AWS types such as EC2, ECS, Workspaces and AppStream.

Availability

One of the great advantages of Amazon FSx is its availability. Amazon FSx supports Single-AZ or Multi-AZ.

In Single-AZ, Amazon FSx automatically replicates data within an Availability Zone (AZ) to protect against component failure. AWS continuously monitors for hardware failures and automatically replaces infrastructure components in the event of a failure. Single-AZ2 is the latest generation and supports both SSD and HDD storage. In Single-AZ1 the file systems support SSD storage, Microsoft Distributed File System Replication (DFSR), and the use of custom DNS names.

Multi-AZ services are designed to provide continuous data availability, even when an Availability Zone is unavailable

Multi-AZ enables all the availability and durability features of Single-AZ file systems. Multi-AZ services are designed to provide continuous data availability, even when an Availability Zone is unavailable. In a Multi-AZ deployment, Amazon FSx automatically provisions and maintains a standby file server in a different availability zone so that in the event of a particular availability zone going down, you will still have access to the data. Any changes written to the file system disk are synchronously replicated across availability zones in standby mode.

The features enabled according to availability from AZ are summarized below.

Functionalities

Integration with Active Directory

Amazon FSx works with Microsoft Active Directory (AD) to integrate with its existing Microsoft Windows environments both on-premise and in the cloud. The 80% of organizations today use Active Directory, which is Microsoft's directory service used to authenticate, authorize and manage the different network objects. When a file system is created with Amazon FSx, it can be joined to its Active Directory domain to provide user authentication and access control at the file and folder level. Users can use their existing user identities in Active Directory to authenticate and access the Amazon FSx file system.

Security

  • Encryption - Amazon FSx for Windows allows encryption of data at rest and in transit as forms of encryption for our file system. Data in transit encryption is available with SMB 3.0 or later protocol automatically encrypting data in transit without the need to modify any applications. Data-at-rest encryption, meanwhile, is automatically enabled upon creation.
  • ACL (File and Directory Level Access Control) - Amazon FSx supports identity-based authentication through SMB and Active Directory.
  • Access control with VPC - Amazon FSx supports connection through the Elastic Network Interface, which allows us to connect from a VPC or another network connected to the VPC by Peering or by AWS Direct Connect.

Data protection

  • Amazon FSx enables data protection through backup, snapshots, and replication. Amazon FSx backups are incremental regardless of their type, automatic daily, user-initiated, or with AWS Backup.
  • The windows volume shadow copy service allows you to take durable backups of your file system on a daily basis and store them in an Amazon S3 bucket.
  • Amazon FSx allows you to periodically replicate your file system to a second file system.

Use cases

  • Windows file server. Many organizations have local file servers to maintain shared resources for different work teams, as well as home directories for hundreds of users. Amazon FSx enables a fully managed service that offers the opportunity to migrate and replace these on-premises servers to a service, reducing the cost of operation and infrastructure.
  • Windows applications. There are organizations that have Windows-based applications such as ERP, CRM or custom applications which require storage based on an NTFS file system and SMB protocol. With Amazon FSx you can migrate these applications in lift and shift mode to AWS without having to modify the applicative.
  • Web services. Microsoft has its own web service called Internet Information Services (IIS) which in many cases uses shared file storage when several of them need access to the same files.
  • Highly available Microsoft SQL Server deployments on AWS as Amazon FSx provides highly available, fully managed file storage. Amazon FSx automatically manages data replication and failover, simplifying shared storage to host your database deployments while lowering cost.
  • Media workflows. Amazon FSx provides a high-performance, low-latency shared file system required by multimedia application workflows such as media transcoding, rendering, and streaming.
Business Solutions Cloud Services Solutions Custom Software Solutions Microsoft Blog

< Go back