Cloud NAS Shootout: Amazon EFS/FSx versus Azure Files
Organizations looking to move some or all of their file systems to cloud storage have choices. The options from the two biggest public cloud service providers are Microsoft Azure Files, Amazon Elastic File System (EFS), or Amazon FSx.
All these platforms offer cloud-based serverless storage, allowing you to avoid maintaining complex file systems. This article compares these options based on 4 key parameters – performance, price, features, and support.
One fundamental building block of Microsoft’s Azure storage services is Storage Accounts, which are top-level resources that represent a shared pool of storage. These resources offer table, queue, and blob storage for an application’s persistent storage requirements.
In 2014, Microsoft launched Azure Files, an extension of the Storage Account resource, allowing access to file storage with the Server Message Block (SMB) and Network File System (NFS) protocols used in traditional file system infrastructure.
In 2020, Azure Files was enhanced to integrate with Windows Active Directory for familiar share and NTFS Access Control List (ACL) management. This added functionality meant augmenting or even replacing traditional on-premises SMB-based file systems with a serverless cloud infrastructure was now feasible.
Azure Files can be provisioned in two flavors:
- Standard (based on HDDs): It offers 3 varieties, cold, hot and transaction optimised, offering cost-effective options for infrequent access. Capacity is practically limitless with a 100 tebibyte (TiB) limit per premium storage account and multiple storage accounts possible
- Premium (based on SSDs): This option offers better performance with 100K max input/output operations per second (IOPS) vs. 20k max IOPS. however, it doesn’t offer the geo-redundancy options of the former.
SMB and NFS are not Wide Area Network (WAN)-optimized protocols. Organizations looking to utilize Azure Files at the enterprise scale can use Azure File Sync to cache data on the Local Area Network (LAN), reduce latency, and improve user experience.
Furthermore, security-conscious organizations can protect Azure Files with a Private Link, and make sure that files are only accessible using private IP addresses. They can also ensure that traffic is tunneled through a site-to-site virtual private network (VPN) or Express Route connection, disabling the public endpoint and the risks associated with access to the Internet.
Fully integrated with Azure backup for point-in-time recovery, server-side Volume Shadow Copy Service (VSS) snapshots allow self-service restoration through previous versions. Data in Azure Storage is encrypted using 256-bit Advanced Encryption Standard (AES) encryption.
Amazon EFS and Amazon FSx
- Amazon S3 (Simple Storage Service) for object storage
- Amazon EBS (Elastic Block Storage)
- Amazon EFS (Elastic File System)
- Amazon FSx
Amazon EFS and Amazon FSx are the main file system options on AWS. Amazon EFS offers NFS access only. It can only be mounted on Linux Amazon EC2 instances and not Windows VMs. For SMB access from Windows, Amazon launched FSx in 2018.
Amazon EFS offers 2 storage classes:
- Standard storage classes – Amazon EFS Standard and Amazon EFS Standard-Infrequent Access (EFS Standard-IA)
- One Zone storage classes – Amazon EFS One Zone and Amazon EFS One Zone-Infrequent Access (EFS One Zone-IA).
Files stored on EFS standard storage classes are replicated across multiple availability zones (AZs) for site recovery, whereas One Zone storage classes are only available within a single availability zone.
For organizations that require SMB access to files, Amazon FSx is available. FSx offers both SSD and HDD storage types, and similar to Azure Files, an Amazon FSx file system can be joined to Microsoft Active Directory to allow familiar NTFS permission management. Amazon FSx for Windows File Server also supports the use of Amazon FSx File Gateway to provide low latency from the LAN (similar to Azure File Sync).
FSx can be deployed into single-AZ or Multi-AZ configuration, and VSS capable point-in-time backups are taken using AWS backup. Capacity is effectively limitless, with thousands of Amazon FSx systems in an AWS account permitted, each allowing up to 64 TB of data.
Both EFS and FSx encrypt the file system data and backups at rest using keys managed through the AWS Key Management Service (KMS) to ensure 256-bit AES encryption at rest.
The maximum performance of Azure Files is bound by the storage account type:
- Standard (20K max IOPS and 7,152 MiB/sec throughput)
- Premium (100K max IOPS and 10,340 MiB/sec throughput)
The actual performance received depends on the provisioned capacity with a baseline of 3000 IOPS + 1 IOPS per GiB, up to 100,000 per file share, and 100MiB/sec plus 0.1MiB/s per GiB throughput being available.
Similarly, the performance of Amazon EFS scales as the file system grows, going as far as 3 GB/sec along with 100,000 of disk IOPS. EFS file shares can be provisioned in either Bursting Throughput mode (default) or in Provisioned Throughput mode. Instead of scaling throughput with used capacity, Provisioned Throughput mode allows specific throughput to be guaranteed (at cost).
With Amazon FSx, throughput capacity is defined at the time of provisioning and determines the network and disk speeds available for the file share (8-2048Mbps of throughput and 2K-80K IOPS).
Azure Files follows 2 billing models:
- Premium file shares are billed on provisioned storage (£0.13 per provisioned GB).
- Standard files shares use a pay-as-you-go billing model combining data at rest charges (£0.05 per used GB for Transaction Optimised, £0.03 for Hot, and £0.01 for Cool) and transaction charges (from £0.001 to £0.1 per 10K transactions depending on the transaction type and storage tier).
Here’s what you can expect for Amazon EFS and Amazon FSx:
- Amazon EFS is billed per used GB, ranging from £0.02 for infrequent access tier storage to £0.25 for standard storage. Provisioned Throughput (optional) is billed at £5 per MB/s.
- Amazon FSx is billed with a combination of provisioned storage and provisioned throughput. This ranges from £0.01 per GB for HDD storage to £0.1 for SSD storage. On top of this, Provisioned Throughput is billed at £1.83 per MB/s.
In addition to the above, expect charges for data backup and data egress charges.
The table below compares file system features:
|Feature||Azure Files||Amazon EFS (FSx)|
|Protocols||SMB 2.1, 3.0, 3.1.1|
|(SMB 2.0, 3.0, 3.1)|
|Availability||Premium Storage (LRS, ZRS) – 99.9% SLA|
Standard Storage (LRS, ZRS, GRS, GZRS) – 99.9% SLA
|One Zone Storage (Single Availability Zone) – 99.99% SLA|
Standard Storage (Multiple Availability Zones) – 99.99% SLA
(FSx – 99.99% SLA)
|Authentication||Active Directory Domain Services (SMB only, not NFS)|
Azure AD DS (SMB only, not NFS)
|(AD DS – SMB only, not NFS)|
|Encryption||AES256 encryption at rest (MS or customer-managed keys)||AES256 encryption at rest with AWS KMS|
AWS Direct Connect
|Performance||Azure File Sync for LAN cache|
Premium – 3000 IOPS + 1 IOPS per GiB and 100MiB/sec plus 0.1MiB/s per GiB
Standard – Up to 20k IOPS and 300 MiB/sec
|(Amazon FSx File Gateway for LAN cache)|
(8-2048Mbps of throughput and 2k-80k IOPS)
100,000 of IOPS and up to 512 MiBps
|Data Protection||Azure Backup||Backed up to Amazon S3|
Microsoft provides an availability Service Level Agreement (SLA) of 99.9% for read and write transactions, which increases to 99.99% for read transactions if the storage account is configured for Read-Access Geo-Redundant (RA-GRS) replication. Amazon provides an availability SLA of 99.99% for all configurations of EFS and FSx.
That’s it for our overview of Microsoft Azure Files, Amazon Elastic File System (EFS), and Amazon FSx. There are a lot of different parameters to take into consideration before moving your organization’s file systems to cloud storage services, and we hope that this guide will help the service that best fits your needs.
More in Microsoft Azure
Microsoft Now Lets IT Admins Review & Remove Inactive Azure AD Users
May 27, 2022 | Rabia Noureen
Build 2022: Microsoft's Intelligent Data Platform Combines Data and Analytics
May 25, 2022 | Rabia Noureen
Microsoft Revises Restrictive Cloud Licensing Policies to Avoid EU Antitrust Probe
May 19, 2022 | Rabia Noureen
Microsoft's Azure AD Conditional Access Service Can Now Require Reauthentication
May 13, 2022 | Rabia Noureen
Microsoft Addresses Cross-Tenant Database Vulnerability in Azure PostgreSQL
Apr 29, 2022 | Rabia Noureen
Microsoft Simplifies IT Monitoring with New Azure Managed Grafana Service
Apr 19, 2022 | Rabia Noureen
Most popular on petri