What if your organization still prefers a network file share? Consider the updated Microsoft Azure File Services


This blog was originally published by Concerto Cloud Services. Since then, Concerto Cloud Services has become DXC Concerto, the mid-market cloud offering within DXC Technology.

Many of the companies I’ve worked with have embraced cloud solutions due to their desire to “get out of the data center business.” The ability to achieve better security and availability, and the speed with which they are able to deploy, is far greater than traditional on-premises options.

During and after that shift to cloud, though, one area that still poses a struggle for many organizations is what to do with their department file shares. I’m sure you’re thinking “there are all kinds of solutions,” and most of them are far better than a traditional network share. I’d agree with you; however, many organizations have a workforce that is accustomed to this old process. While solutions like SharePoint, One Drive for Business and Dropbox are nice and have additional features, most organizations still prefer the Windows file share.

One solution that holds promise is Microsoft’s Azure File Services. The offering was originally intended to enable companies to move applications that interacted with file shares to Azure, and it was only accessible from Virtual Machines within the same Azure data center when it was first released. But last year, Microsoft released an update that leverages SMB 3.0 and enables users to securely connect to the shares from any location.

There are some limitations if you’re looking to deploy Azure File Services within your organization. The biggest that I found was that not all internet service providers (ISPs), such as Comcast and Charter Spectrum, will allow port 45 access across their networks.

The other major limitation at this time is while you can assign Azure AD permissions to the share, when a user connects, they have to authenticate with the Azure Storage Account and key. This requirement means that everyone is authenticating with the same account. Microsoft is aware this is a short-coming and is supposed to be addressing it in the future with an update to the service.

These two limitations aside, I see the service being useful for organizations that need to archive data and only allow access from a limited number of individuals or systems. As Azure storage is a low-cost retention solution, the data at rest can easily be encrypted with Azure encryption services.

If you’d like to try Azure File Services for yourself, follow these steps:

  • Go to the Azure management portal and log in with your account.
  • Browse to Storage Accounts and create a new Storage Account for this scenario.
  • Make sure when naming the resource to use all lower case letters (this is a Microsoft Configuration requirement). For Account Kind, make sure to select “General Purpose.”
  • Once the storage account has been created, browse to it and under File Service click Files. You see a sub screen and the Create File Share Button: click it, give your file share a name, specify how large you’d like it to be, and click Create.

Congratulations – you’ve just created your first Azure File Share.  But wait! You’re asking, “How do I connect to this file share?”

If you click on Connect it will give you the command syntax to connect from either a Windows or a Linux machine. Remember, your ISP may be blocking port 445. However once you do connect you can upload files and interact like a normal file share.

Look for future updates from Microsoft on this feature to add additional security and the ability to assign individualized permissions based on Azure AD accounts.

Rob-Curls-headshotRob Curls is the Sales Solutions Advisor for DXC Concerto.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: