Edit

What's new in Azure NetApp Files

  • Article

Azure NetApp Files is updated regularly. This article provides a summary about the latest new features and enhancements.

March 2024

February 2024

  • Volume and protocol enhancement: extended language support for file and path names

    Azure NetApp Files uses a default volume language of C.UTF-8, which provides POSIX compliant UTF-8 encoding for character sets. The C.UTF-8 language natively supports characters with a size of 0-3 bytes, which includes a majority of the world’s languages on the Basic Multilingual Plane (BMP) (including Japanese, German, and most of Hebrew and Cyrillic).

    Azure NetApp Files now supports characters outside of the BMP using surrogate pair logic, where multiple character byte sets are combined to form new characters. Emoji symbols, for example, fall into this category and are now supported in Azure NetApp Files.

    To learn more about languages and special character handling in Azure NetApp Files volumes, see Understand volume languages in Azure NetApp Files.

    To learn more about file path lengths in relation to language and character handling in Azure NetApp Files volumes, see Understand path lengths in Azure NetApp Files.

  • Customer-managed keys enhancement: automated managed system identity (MSI) support

    Customer-managed keys now supports automated MSI: you no longer need to manually renew certificates.

  • The Standard network features - Edit volumes feature is now generally available (GA).

    You still must register the feature before using it for the first time.

  • Large volumes (Preview) improvement: volume size increase beyond 30% default limit

    For capacity and resources planning purposes the Azure NetApp Files large volume feature has a volume size increase limit of up to 30% of the lowest provisioned size. This volume size increase limit is now adjustable beyond this 30% (default) limit via a support ticket. For more information, see Resource limits.

January 2024

  • Standard network features - Edit volumes available in US Gov regions (Preview)

    Azure NetApp Files now supports the capability to edit network features of existing volumes in US Gov Arizona, US Gov Texas, and US Gov Texas. This capability provides an enhanced, more standard, Microsoft Azure Virtual Network experience through various security and connectivity features that are available on Virtual Networks to Azure services. This feature is in preview in commercial and US Gov regions.

  • Customer-managed keys is now generally available (GA).

November 2023

  • Capacity pool enhancement: New lower limits

    • 2 TiB capacity pool: The 2 TiB lower limit for capacity pools using Standard network features is now generally available (GA).

    • 1 TiB capacity pool: Azure NetApp Files now supports a lower limit of 1 TiB for capacity pool sizing with Standard network features. This feature is currently in preview.

  • Metrics enhancement: Throughput limits

    Azure NetApp Files now supports a "throughput limit reached" metric for volumes. The metric is a Boolean value that denotes the volume is hitting its QoS limit. With this metric, you know whether or not to adjust volumes so they meet the specific needs of your workloads.

  • Standard network features in US Gov regions is now generally available (GA)

    Azure NetApp Files now supports Standard network features for new volumes in US Gov Arizona, US Gov Texas, and US Gov Virginia. Standard network features provide an enhanced virtual networking experience through various features for a seamless and consistent experience with security posture of all their workloads including Azure NetApp Files.

  • Volume user and group quotas is now generally available (GA).

    User and group quotas enable you to stay in control and define how much storage capacity can be used by individual users or groups can use within a specific Azure NetApp Files volume. You can set default (same for all users) or individual user quotas on all NFS, SMB, and dual protocol-enabled volumes. On all NFS-enabled volumes, you can define a default (that is, same for all users) or individual group quotas.

    This feature is Generally Available in Azure commercial regions and US Gov regions where Azure NetApp Files is available.

  • SMB Continuous Availability (CA) shares now supports MSIX app attach for Azure Virtual Desktop

    In addition to Citrix App Layering, FSLogix user profiles including FSLogix ODFC containers, and Microsoft SQL Server, Azure NetApp Files now supports MSIX app attach with SMB Continuous Availability shares to enhance resiliency during storage service maintenance operations. Continuous Availability enables SMB transparent failover to eliminate disruptions as a result of service maintenance events and improves reliability and user experience.

  • Azure NetApp Files datastores for Azure VMware Solution in US Gov regions

    Azure NetApp Files now supports Azure NetApp Files datastores for Azure VMware Solution in US Gov Arizona and US Gov Virginia regions. Azure NetApp Files datastores for Azure VMware Solution provide the ability to scale storage independently of compute and can go beyond the limits of the local instance storage provided by vSAN reducing total cost of ownership.

October 2023

  • Standard storage with cool access (Preview)

    Most of unstructured data is typically infrequently accessed. It can account for more than 50% of the total storage capacity in many storage environments. Infrequently accessed data associated with productivity software, completed projects, and old datasets are an inefficient use of a high-performance storage. You can now use the cool access option in a capacity pool of Azure NetApp Files standard service level to have inactive data transparently moved from Azure NetApp Files standard service-level storage (the hot tier) to an Azure storage account (the cool tier). This option lets you free up storage that resides within Azure NetApp Files volumes by moving data blocks to the lower cost cool tier, resulting in overall cost savings. You can configure this option on a volume by specifying the number of days (the coolness period, ranging from 2 to 183 days) for inactive data to be considered "cool". Viewing and accessing the data stay transparent, except for a higher access time to data blocks that were moved to the cool tier.

  • Troubleshoot Azure NetApp Files using diagnose and solve problems tool

    The diagnose and solve problems tool simplifies the troubleshooting process, making it effortless to identify and resolve any issues affecting your Azure NetApp Files deployment. With the tool's proactive troubleshooting, user-friendly guidance, and seamless integration with Azure Support, you can more easily manage and maintain a reliable and high-performance Azure NetApp Files storage environment. Experience enhanced issue resolution and optimization capabilities today, ensuring a smoother Azure NetApp Files management experience.

  • Snapshot manageability enhancement: Identify parent snapshot

    You can now see the name of the snapshot used to create a new volume. In the Volume overview page, the Originated from field identifies the source snapshot used in volume creation. If the field is empty, no snapshot was used.

September 2023

  • Standard network features in select US Gov regions (Preview)

    Azure NetApp Files now supports Standard network features for new volumes in select US Gov regions. Standard network features provide an enhanced virtual networking experience through various features for a seamless and consistent experience with security posture of all their workloads including Azure NetApp Files. You can now choose Standard or Basic network features when creating a new Azure NetApp Files volume. This feature is Generally Available in Azure commercial regions and public preview US Gov region(s).

  • Troubleshooting enhancement: validate user connectivity, group membership and access to LDAP-enabled volumes

    Azure NetApp Files now provides you with the ability to validate user connectivity and access to LDAP-enabled volumes based on group membership. When you provide a user ID, Azure NetApp Files reports a list of primary and auxiliary group IDs that the user belongs to from the LDAP server. Validating user access is helpful for scenarios such as ensuring POSIX attributes set on the LDAP server are accurate or when you encounter permission errors.

August 2023

  • Cross-region replication enhancement: re-establish deleted volume replication (Preview)

    Azure NetApp Files now allows you to re-establish a replication relationship between two volumes in case you had previously deleted it. If the destination volume remained operational and no snapshots were deleted, the replication re-establish operation will use the last common snapshot and incrementally synchronize the destination volume based on the last known good snapshot. In that case, no baseline replication is required.

  • Backup vault (Preview)

    Azure NetApp Files backups are now organized under a backup vault. You must migrate all existing backups to a backup vault. For more information, see Migrate backups to a backup vault.

  • SMB Continuous Availability (CA) shares is now generally available (GA).

    To enhance resiliency during storage service maintenance operations, SMB volumes used by Citrix App Layering, FSLogix user profile containers and Microsoft SQL Server on Microsoft Windows Server can be enabled with Continuous Availability. Continuous Availability enables SMB Transparent Failover to eliminate disruptions as a result of service maintenance events and improves reliability and user experience.

    To learn more about Continuous Availability, see the application resiliency FAQ and follow the instructions to enable it on new and existing SMB volumes.

  • Configure NFSv4.1 ID domain for non-LDAP volumes (Preview)

    To harmonize the authentication ID Domain settings in your NFSv4.1 environment, you can now configure a custom NFSv4.1 ID Domain in Azure NetApp Files for non-LDAP volumes. The ID Domain is set for all non-LDAP volumes in the same region and subscription, and can co-exist in environments with LDAP-enabled volumes. Once the ID Domain on Azure NetApp Files matches your NFSv4.1 clients, ‘root’ and non-root users will no longer be squashed to ‘nobody’. This setting helps either prepare for a future implementation of LDAP with Active Directory in the future by enabling the use of the same authentication ID Domain across all NFSv4.1 clients, or just ensures scripts and software installation routines that use ‘root’ can modify files on NFSv4.1 volumes correctly.

    For details on registering the feature and setting NFSv4.1 ID Domain in Azure NetApp Files, see Configure NFSv4.1 ID Domain.

  • Moving volumes from manual QoS capacity pool to auto QoS capacity pool

    You can now move volumes from a manual QoS capacity pool to an auto QoS capacity pool. When you move a volume to an auto QoS capacity pool, the throughput is changed according to the allocated volume size (quota) of the target pool's service level: <throughput> = <volume quota> x <Service Level Throughput / TiB>

June 2023

  • Cloud Backup for Virtual Machines on Azure NetApp Files datastores for Azure VMware Solution (Preview)

    You can now create VM consistent snapshot backups of VMs on Azure NetApp Files datastores using Cloud Backup for Virtual Machines. The associated virtual appliance installs in the Azure VMware Solution cluster and provides policy based automated and consistent backup of VMs integrated with Azure NetApp Files snapshot technology for fast backups and restores of VMs, groups of VMs (organized in resource groups) or complete datastores.

  • Azure NetApp Files double encryption at rest (Preview)

    We're excited to announce the addition of double encryption at rest for Azure NetApp Files volumes. This new feature provides an extra layer of protection for your critical data, ensuring maximum confidentiality and mitigating potential liabilities. Double encryption at rest is ideal for industries such as finance, military, healthcare, and government, where breaches of confidentiality can have catastrophic consequences. By combining hardware-based encryption with encrypted SSD drives and software-based encryption at the volume level, your data remains secure throughout its lifecycle. You can select double as the encryption type during capacity pool creation to easily enable this advanced security layer.

  • Availability zone volume placement enhancement - Populate existing volumes (Preview)

    The Azure NetApp Files availability zone volume placement feature lets you deploy new volumes in the availability zone of your choice, in alignment with Azure compute and other services in the same zone. With this "Populate existing volume" enhancement, you can now obtain and, if desired, populate previously deployed, existing volumes with the logical availability zone information. This capability automatically maps the physical zone the volumes was deployed in and maps it to the logical zone for your subscription. This feature doesn't move any volumes between zones.

  • Customer-managed keys for Azure NetApp Files now supports the option to Disable public access on the key vault that contains your encryption key. Selecting this option enhances network security by denying public configurations and allowing only connections through private endpoints.

May 2023

  • Azure NetApp Files now supports customer-managed keys on both source and data replication volumes with cross-region replication or cross-zone replication relationships.

  • Standard network features - Edit volumes (Preview)

    Azure NetApp Files volumes have been supported with Standard network features since October 2021, but only for newly created volumes. This new edit volumes capability lets you change existing volumes that were configured with Basic network features to use Standard network features. This capability provides an enhanced, more standard, Microsoft Azure Virtual Network experience through various security and connectivity features that are available on Virtual Networks to Azure services. When you edit existing volumes to use Standard network features, you can start taking advantage of networking capabilities, such as (but not limited to):

    • Increased number of client IPs in a virtual network (including immediately peered Virtual Networks) accessing Azure NetApp Files volumes - the same as Azure VMs
    • Enhanced network security with support for network security groups on Azure NetApp Files delegated subnets
    • Enhanced network control with support for user-defined routes to and from Azure NetApp Files delegated subnets
    • Connectivity over Active/Active VPN gateway setup
    • ExpressRoute FastPath connectivity to Azure NetApp Files

    This feature is now in public preview, currently available in 16 Azure regions. It will roll out to other regions. Stay tuned for further information as more regions become available.

  • Azure Application Consistent Snapshot tool (AzAcSnap) 8 (GA)

    Version 8 of the AzAcSnap tool is now generally available. Azure Application Consistent Snapshot Tool (AzAcSnap) is a command-line tool that enables you to simplify data protection for third-party databases in Linux environments. AzAcSnap 8 introduces the following new capabilities and improvements:

    • Restore change - ability to revert volume for Azure NetApp Files
    • New global settings file (.azacsnaprc) to control behavior of azacsnap
    • Logging enhancements for failure cases and new "mainlog" for summarized monitoring
    • Backup (-c backup) and Details (-c details) fixes

    Download the latest release of the installer here.

  • Single-file snapshot restore is now generally available (GA)

  • Troubleshooting enhancement: break file locks

    In some cases you may encounter (stale) file locks on NFS, SMB, or dual-protocol volumes that need to be cleared. With this new Azure NetApp Files feature, you can now break these locks. You can break file locks for all files in a volume or break all file locks initiated by a specified client.

April 2023

March 2023

  • Disable showmount (Preview)

    By default, Azure NetApp Files enables showmount functionality to show NFS exported paths. The setting allows NFS clients to use the showmount -e command to see a list of exports available on the Azure NetApp Files NFS-enabled storage endpoint. This functionality might cause security scanners to flag the Azure NetApp Files NFS service as having a vulnerability because these scanners often use showmount to see what is being returned. In those scenarios, you might want to disable showmount on Azure NetApp Files. This setting allows you to enable/disable showmount for your NFS-enabled storage endpoints.

  • Active Directory support improvement (Preview)

    The Preferred server for LDAP client option allows you to submit the IP addresses of up to two Active Directory (AD) servers as a comma-separated list. Rather than sequentially contacting all of the discovered AD services for a domain, the LDAP client will contact the specified servers first.

February 2023

  • Cross region replication enhancement: snapshot revert on replication source volume

    When using cross-region replication, reverting a snapshot in a source or destination volume with an active replication configuration wasn't initially supported. Restoring a snapshot on the source volume from the latest local snapshot wasn't possible. Instead you had to use either client copy using the .snapshot directory, single file snapshot restore, or needed to break the replication in order to apply a volume revert. With this new feature, a snapshot revert on a replication source volume is possible provided that you select a snapshot that is newer than the latest SnapMirror snapshot. This feature enables data recovery (revert) from a snapshot while cross region replication stays active, improving data protection SLA.

  • Access-based enumeration (Preview)

    Access-based enumeration (ABE) displays only the files and folders that a user has permissions to access. If a user doesn't have Read (or equivalent) permissions for a folder, the Windows client hides the folder from the user’s view. This new capability provides an additional layer of security by only displaying files and folders a user has access to, and as a result hiding file and folder information a user has no access to. You can now enable ABE on Azure NetApp Files SMB and dual-protocol (with NTFS security style) volumes.

  • Non-browsable shares (Preview)

    You can now configure Azure NetApp Files SMB or dual-protocol volumes as non-browsable. This new feature prevents the Windows client from browsing the share, and the share doesn't show up in the Windows File Explorer. This new capability provides an additional layer of security by not displaying shares that are configured as non-browsable. Users who have access to the share will maintain access.

  • Option to delete base snapshot when you restore a snapshot to a new volume using Azure NetApp Files

    By default, the new volume includes a reference to the snapshot that was used for the restore operation, referred to as the base snapshot. If you don’t want the new volume to contain this base snapshot, you can select the Delete base snapshot option during volume creation.

  • The Unix permissions and change ownership mode features are now generally available (GA).

    You no longer need to register the features before using them.

  • The Vaults API is deprecated starting with Azure NetApp Files REST API version 2022-09-01.

    Enabling backup of volumes doesn't require the Vaults API. REST API users can use PUT and PATCH Volumes API to enable backup for a volume.

  • Volume user and group quotas (Preview)

    Azure NetApp Files volumes provide flexible, large and scalable storage shares for applications and users. Storage capacity and consumption by users is only limited by the size of the volume. In some scenarios, you may want to limit this storage consumption of users and groups within the volume. With Azure NetApp Files volume user and group quotas, you can now do so. User and/or group quotas enable you to restrict the storage space that a user or group can use within a specific Azure NetApp Files volume. You can choose to set default (same for all users) or individual user quotas on all NFS, SMB, and dual protocol-enabled volumes. On all NFS-enabled volumes, you can set default (same for all users) or individual group quotas.

  • Large volumes (Preview)

    Regular Azure NetApp Files volumes are limited to 100 TiB in size. Azure NetApp Files large volumes break this barrier by enabling volumes of 100 TiB to 500 TiB in size. The large volumes capability enables various use cases and workloads that require large volumes with a single directory namespace.

  • Customer-managed keys (Preview)

    Azure NetApp Files volumes now support encryption with customer-managed keys and Azure Key Vault to enable an extra layer of security for data at rest.

    Data encryption with customer-managed keys for Azure NetApp Files allows you to bring your own key for data encryption at rest. You can use this feature to implement separation of duties for managing keys and data. Additionally, you can centrally manage and organize keys using Azure Key Vault. With customer-managed encryption, you are in full control of, and responsible for, a key's lifecycle, key usage permissions, and auditing operations on keys.

  • Capacity pool enhancement (Preview)

    Azure NetApp Files now supports a lower limit of 2 TiB for capacity pool sizing with Standard network features.

    You can now choose a minimum size of 2 TiB when creating a capacity pool. Capacity pools smaller than 4 TiB in size can only be used with volumes using standard network features. This enhancement provides a more cost effective solution for running workloads such as SAP-shared files and VDI that require lower capacity pool sizes for their capacity and performance needs. When you have less than 2-4 TiB capacity with proportional performance, this enhancement allows you to start with 2 TiB as a minimum pool size and increase with 1-TiB increments. For capacities less than 3 TiB, this enhancement saves cost by allowing you to re-evaluate volume planning to take advantage of savings of smaller capacity pools. This feature is supported in all regions with Standard network features.

December 2022

  • Azure Application Consistent Snapshot tool (AzAcSnap) 7

    Azure Application Consistent Snapshot Tool (AzAcSnap) is a command-line tool that enables customers to simplify data protection for third-party databases in Linux environments.

    The AzAcSnap 7 release includes the following fixes and improvements:

    • Shortening of snapshot names
    • Restore (-c restore) improvements
    • Test (-c test) improvements
    • Validation improvements
    • Timeout improvements
    • Azure Backup integration improvements
    • Features moved to GA (generally available): None
    • The following features are now in preview:

    Download the latest release of the installer here.

  • Cross-zone replication (Preview)

    With Azure’s push towards the use of availability zones (AZs), the need for storage-based data replication is equally increasing. Azure NetApp Files now supports cross-zone replication. With this new in-region replication capability - by combining it with the new availability zone volume placement feature - you can replicate your Azure NetApp Files volumes asynchronously from one Azure availability zone to another in a fast and cost-effective way.

    Cross-zone replication helps you protect your data from unforeseeable zone failures without the need for host-based data replication. Cross-zone replication minimizes the amount of data required to replicate across the zones, therefore limiting data transfers required and also shortens the replication time, so you can achieve a smaller Restore Point Objective (RPO). Cross-zone replication doesn’t involve any network transfer costs, hence it's highly cost-effective.

    The public preview of the feature is currently available in the following regions: Australia East, Brazil South, Canada Central, Central US, East Asia, East US, East US 2, France Central, Germany West Central, Japan East, North Europe, Norway East, Southeast Asia, South Central US, UK South, West Europe, West US 2, and West US 3.

    In the future, cross-zone replication is planned for all AZ-enabled regions with Azure NetApp Files presence.

  • Azure Virtual WAN (Preview)

    Azure Virtual WAN is now supported on Azure NetApp Files with Standard network features. Azure Virtual WAN is a spoke-and-hub architecture, enabling cloud-hosted network hub connectivity between endpoints, creating networking, security, and routing functionalities in one interface. Use cases for Azure Virtual WAN include remote user VPN connectivity (point-to-site), private connectivity (ExpressRoute), intra-cloud connectivity, and VPN ExpressRoute inter-connectivity.

November 2022

October 2022

  • Availability zone volume placement (Preview)

    Azure availability zones are highly available, fault tolerant, and more scalable than traditional single or multiple data center infrastructures. Using Azure availability zones lets you design and operate applications and databases that automatically transition between zones without interruption. Azure NetApp Files lets you deploy new volumes in the logical availability zone of your choice to support enterprise, mission-critical HA deployments across multiple AZs. Azure’s push towards the use of availability zones (AZs) has increased, and the use of high availability (HA) deployments with availability zones are now a default and best practice recommendation in Azure’s Well-Architected Framework.

  • Application volume group for SAP HANA now generally available (GA)

    The application volume group for SAP HANA feature is now generally available. You no longer need to register the feature to use it.

August 2022

  • Standard network features are now generally available in supported regions.

    Standard network features now includes Global virtual network peering.

    Regular billing for Standard network features on Azure NetApp Files began November 1, 2022.

July 2022

June 2022

May 2022

April 2022

March 2022

January 2022

  • Azure Application Consistent Snapshot Tool (AzAcSnap) v5.1 Public Preview

    Azure Application Consistent Snapshot Tool (AzAcSnap) is a command-line tool that enables customers to simplify data protection for third-party databases (SAP HANA) in Linux environments (for example, SUSE and RHEL).

    The public preview of v5.1 brings the following new capabilities to AzAcSnap:

    • Oracle Database support
    • Backint Co-existence
    • Azure Managed Disk
    • RunBefore and RunAfter capability

  • LDAP search scope

    You might be using the Unix security style with a dual-protocol volume or Lightweight Directory Access Protocol (LDAP) with extended groups features in combination with large LDAP topologies. In this case, you might encounter "access denied" errors on Linux clients when interacting with such Azure NetApp Files volumes. You can now use the LDAP Search Scope option to specify the LDAP search scope to avoid "access denied" errors.

  • Active Directory Domain Services (AD DS) LDAP user-mapping with NFS extended groups now generally available (GA)

    The AD DS LDAP user-mapping with NFS extended groups feature is now generally available. You no longer need to register the feature before using it.

December 2021

  • NFS protocol version conversion (Preview)

    In some cases, you might need to transition from one NFS protocol version to another. For example, when you want an existing NFS NFSv3 volume to take advantage of NFSv4.1 features, you might want to convert the protocol version from NFSv3 to NFSv4.1. Likewise, you might want to convert an existing NFSv4.1 volume to NFSv3 for performance or simplicity reasons. Azure NetApp Files now provides an option that enables you to convert an NFS volume between NFSv3 and NFSv4.1. This option doesn't require creating new volumes or performing data copies. The conversion operations preserve the data and update the volume export policies as part of the operation.

  • Single-file snapshot restore (Preview)

    Azure NetApp Files provides ways to quickly restore data from snapshots (mainly at the volume level). See How Azure NetApp Files snapshots work. Options for user file self-restore are available via client-side data copy from the ~snapshot (Windows) or .snapshot (Linux) folders. These operations require data (files and directories) to traverse the network twice (upon read and write). As such, the operations aren't time and resource efficient, especially with large data sets. If you don't want to restore the entire snapshot to a new volume, revert a volume, or copy large files across the network, you can use the single-file snapshot restore feature to restore individual files directly on the service from a volume snapshot without requiring data copy via an external client. This approach drastically reduces RTO and network resource usage when restoring large files.

  • Features that are now generally available (GA)

    The following features are now GA. You no longer need to register the features before using them.

November 2021

  • Application volume group for SAP HANA (Preview)

    Application volume group (AVG) for SAP HANA enables you to deploy all volumes required to install and operate an SAP HANA database according to best practices, including the use of proximity placement group (PPG) with VMs to achieve automated, low-latency deployments. AVG for SAP HANA has implemented many technical improvements that simplify and standardize the entire process to help you streamline volume deployments for SAP HANA.

October 2021

  • Azure NetApp Files cross-region replication now generally available (GA)

    The cross-region replication feature is now generally available. You no longer need to register the feature before using it.

  • Standard network features (Preview)

    Azure NetApp Files now supports Standard network features for volumes that customers have been asking for since the inception. This capability is a result of innovative hardware and software integration. Standard network features provide an enhanced virtual networking experience through various features for a seamless and consistent experience with security posture of all their workloads including Azure NetApp Files.

    You can now choose Standard or Basic network features when creating a new Azure NetApp Files volume. Upon choosing Standard network features, you can take advantage of the following supported features for Azure NetApp Files volumes and delegated subnets:

    • Increased IP limits for the virtual networks with Azure NetApp Files volumes at par with VMs
    • Enhanced network security with support for network security groups on the Azure NetApp Files delegated subnet
    • Enhanced network control with support for user-defined routes to and from Azure NetApp Files delegated subnets
    • Connectivity over Active/Active VPN gateway setup
    • ExpressRoute FastPath connectivity to Azure NetApp Files

    This public preview is currently available starting with North Central US and will roll out to other regions. Stay tuned for further information through Azure Update as more regions and features become available.

    To learn more, see Configure network features for an Azure NetApp Files volume.

September 2021

  • Azure NetApp Files backup (Preview)

    Azure NetApp Files online snapshots now support backup of snapshots. With this new backup capability, you can vault your Azure NetApp Files snapshots to cost-efficient and ZRS-enabled Azure storage in a fast and cost-effective way. This approach further protects your data from accidental deletion.

    Azure NetApp Files backup extends ONTAP's built-in snapshot technology. When snapshots are vaulted to Azure storage, only changed blocks relative to previously vaulted snapshots are copied and stored, in an efficient format. Vaulted snapshots are still represented in full. You can restore them to a new volume individually and directly, eliminating the need for an iterative, full-incremental recovery process. This advanced technology minimizes the amount of data required to store to and retrieve from Azure storage, therefore saving data transfer and storage costs. It also shortens the backup vaulting time, so you can achieve a smaller Restore Point Objective (RPO). You can keep a minimum number of snapshots online on the Azure NetApp Files service for the most immediate, near-instantaneous data-recovery needs. In doing so, you can build up a longer history of snapshots at a lower cost for long-term retention in the Azure NetApp Files backup vault.

    For more information, see How Azure NetApp Files snapshots work.

  • Administrators option in Active Directory connections (Preview)

    The Active Directory connections page now includes an Administrators field. You can specify users or groups that will have administrator privileges on the volume.

August 2021

  • Support for enabling Continuous Availability on existing SMB volumes

    You can already enable the SMB Continuous Availability (CA) feature when you create a new SMB volume. You can now also enable SMB CA on an existing SMB volume. See Enable Continuous Availability on existing SMB volumes.

  • Snapshot policy now generally available (GA)

    The snapshot policy feature is now generally available. You no longer need to register the feature before using it.

  • NFS Chown Mode export policy and UNIX export permissions (Preview)

    You can now set the Unix permissions and the change ownership mode (Chown Mode) options on Azure NetApp Files NFS volumes or dual-protocol volumes with the Unix security style. You can specify these settings during volume creation or after volume creation.

    The change ownership mode (Chown Mode) functionality enables you to set the ownership management capabilities of files and directories. You can specify or modify the setting under a volume's export policy. Two options for Chown Mode are available:

    • Restricted (default), where only the root user can change the ownership of files and directories
    • Unrestricted, where non-root users can change the ownership for files and directories that they own

    The Azure NetApp Files Unix Permissions functionality enables you to specify change permissions for the mount path.

    These new features put access control of certain files and directories in the hands of the data user instead of the service operator.

  • Dual-protocol (NFSv4.1 and SMB) volume (Preview)

    Azure NetApp Files already supports dual-protocol access to NFSv3 and SMB volumes as of July 2020. You can now create an Azure NetApp Files volume that allows simultaneous dual-protocol (NFSv4.1 and SMB) access with support for LDAP user mapping. This feature enables use cases where you might have a Linux-based workload using NFSv4.1 for its access, and the workload generates and stores data in an Azure NetApp Files volume. At the same time, your staff might need to use Windows-based clients and software to analyze the newly generated data from the same Azure NetApp Files volume. The simultaneous dual-protocol access removes the need to copy the workload-generated data to a separate volume with a different protocol for post-analysis, saving storage cost and operational time. This feature is free of charge (normal Azure NetApp Files storage cost still applies) and is generally available. Learn more from the simultaneous dual-protocol NFSv4.1/SMB access documentation.

June 2021

  • Azure NetApp Files storage service add-ons

    The new Azure NetApp Files Storage service add-ons menu option provides an Azure portal “launching pad” for available third-party, ecosystem add-ons to the Azure NetApp Files storage service. With this new portal menu option, you can enter a landing page by selecting an add-on tile to quickly access the add-on.

    NetApp add-ons is the first category of add-ons introduced under Storage service add-ons. It provides access to NetApp Cloud Data Sense. Selecting the Cloud Data Sense tile opens a new browser and directs you to the add-on installation page.

  • Manual QoS capacity pool now generally available (GA)

    The Manual QoS capacity pool feature is now generally available. You no longer need to register the feature before using it.

  • Shared AD support for multiple accounts to one Active Directory per region per subscription (Preview)

    To date, Azure NetApp Files supports only a single Active Directory (AD) per region, where only a single NetApp account could be configured to access the AD. The new Shared AD feature enables all NetApp accounts to share an AD connection created by one of the NetApp accounts that belong to the same subscription and the same region. For example, all NetApp accounts in the same subscription and region can use the common AD configuration to create an SMB volume, a NFSv4.1 Kerberos volume, or a dual-protocol volume. When you use this feature, the AD connection is visible in all NetApp accounts that are under the same subscription and same region.

May 2021

  • Azure NetApp Files Application Consistent Snapshot tool (AzAcSnap) is now generally available.

    AzAcSnap is a command-line tool that enables you to simplify data protection for third-party databases (SAP HANA) in Linux environments (for example, SUSE and RHEL). See Release Notes for AzAcSnap for the latest changes about the tool.

  • Support for capacity pool billing tags

    Azure NetApp Files now supports billing tags to help you cross-reference cost with business units or other internal consumers. Billing tags are assigned at the capacity pool level and not volume level, and they appear on the customer invoice.

  • Enable Active Directory Domain Services (AD DS) LDAP authentication for NFS volumes (Preview)

    By default, LDAP communications between client and server applications aren't encrypted. This setting means that it's possible to use a network-monitoring device or software to view the communications between an LDAP client and server computers. This scenario might be problematic in non-isolated or shared virtual networks when an LDAP simple bind is used, because the credentials (username and password) used to bind the LDAP client to the LDAP server are passed over the network unencrypted. LDAP over TLS (also known as LDAPS) is a protocol that uses TLS to secure communication between LDAP clients and LDAP servers. Azure NetApp Files now supports the secure communication between an Active Directory Domain Server (AD DS) using LDAP over TLS. Azure NetApp Files can now use LDAP over TLS for setting up authenticated sessions between the Active Directory-integrated LDAP servers. You can enable the LDAP over TLS feature for NFS, SMB, and dual-protocol volumes. By default, LDAP over TLS is disabled on Azure NetApp Files.

  • Support for throughput metrics

    Azure NetApp Files adds support for the following metrics:

    • Capacity pool throughput metrics
      • Pool Allocated to Volume Throughput
      • Pool Consumed Throughput
      • Percentage Pool Allocated to Volume Throughput
      • Percentage Pool Consumed Throughput
    • Volume throughput metrics
      • Volume Allocated Throughput
      • Volume Consumed Throughput
      • Percentage Volume Consumed Throughput

  • Support for dynamic change of service level of replication volumes

    Azure NetApp Files now supports dynamically changing the service level of replication source and destination volumes.

April 2021

  • Manual volume and capacity pool management (hard quota)

    The behavior of Azure NetApp Files volume and capacity pool provisioning has changed to a manual and controllable mechanism. The storage capacity of a volume is limited to the set size (quota) of the volume. When volume consumption maxes out, neither the volume nor the underlying capacity pool grows automatically. Instead, the volume will receive an “out of space” condition. However, you can resize the capacity pool or a volume as needed. You should actively monitor the capacity of a volume and the underlying capacity pool.

    This behavior change is a result of the following key requests indicated by many users:

    • Previously, VM clients would see the thinly provisioned (100 TiB) capacity of any given volume when using OS space or capacity monitoring tools. This situation could result in inaccurate capacity visibility on the client or application side. This behavior has been corrected.
    • The previous auto-grow behavior of capacity pools gave application owners no control over the provisioned capacity pool space (and the associated cost). This behavior was especially cumbersome in environments where “run-away processes” could rapidly fill up and grow the provisioned capacity. This behavior has been corrected.
    • Users want to see and maintain a direct correlation between volume size (quota) and performance. The previous behavior allowed for (implicit) over-subscription of a volume (capacity) and capacity pool auto-grow. As such, users couldn't make a direct correlation until the volume quota had been actively set or reset. This behavior has now been corrected.

    Users have requested direct control over provisioned capacity. Users want to control and balance storage capacity and utilization. They also want to control cost along with the application-side and client-side visibility of available, used, and provisioned capacity and the performance of their application volumes. With this new behavior, all this capability has now been enabled.

  • SMB Continuous Availability (CA) shares support for FSLogix user profile containers (Preview)

    FSLogix is a set of solutions that enhance, enable, and simplify non-persistent Windows computing environments. FSLogix solutions are appropriate for virtual environments in both public and private clouds. You can also use FSLogix solutions to create more portable computing sessions when you use physical devices. FSLogix can provide dynamic access to persistent user profile containers stored on SMB shared networked storage, including Azure NetApp Files. To enhance FSLogix resiliency to events of storage service maintenance, Azure NetApp Files has extended support for SMB Transparent Failover via SMB Continuous Availability (CA) shares on Azure NetApp Files for user profile containers. For more information, see Azure NetApp Files Azure Virtual Desktop solutions.

  • SMB3 Protocol Encryption (Preview)

    You can now enable SMB3 Protocol Encryption on Azure NetApp Files SMB and dual-protocol volumes. This feature enables encryption for in-flight SMB3 data, using the AES-CCM algorithm on SMB 3.0, and the AES-GCM algorithm on SMB 3.1.1 connections. SMB clients not using SMB3 encryption can't access this volume. Data at rest is encrypted regardless of this setting. SMB encryption further enhances security. However, it might affect the client (CPU overhead for encrypting and decrypting messages). It might also affect storage resource utilization (reductions in throughput). You should test the encryption performance impact against your applications before deploying workloads into production.

  • Active Directory Domain Services (AD DS) LDAP user-mapping with NFS extended groups (Preview)

    By default, Azure NetApp Files supports up to 16 group IDs when handling NFS user credentials, as defined in RFC 5531. With this new capability, you can now increase the maximum up to 1,024 if you have users who are members of more than the default number of groups. To support this capability, NFS volumes can now also be added to AD DS LDAP, which enables Active Directory LDAP users with extended groups entries (with up to 1024 groups) to access the volume.

March 2021

  • SMB Continuous Availability (CA) shares (Preview)

    SMB Transparent Failover enables maintenance operations on the Azure NetApp Files service without interrupting connectivity to server applications storing and accessing data on SMB volumes. To support SMB Transparent Failover, Azure NetApp Files now supports the SMB Continuous Availability shares option for use with SQL Server applications over SMB running on Azure VMs. This feature is currently supported on Windows SQL Server. Azure NetApp Files doesn't currently support Linux SQL Server. This feature provides significant performance improvements for SQL Server. It also provides scale and cost benefits for Single Instance, Always-On Failover Cluster Instance and Always-On Availability Group deployments. See Benefits of using Azure NetApp Files for SQL Server deployment.

  • Automatic resizing of a cross-region replication destination volume

    In a cross-region replication relationship, a destination volume is automatically resized based on the size of the source volume. As such, you don’t need to resize the destination volume separately. This automatic resizing behavior applies when the volumes are in an active replication relationship. It also applies when replication peering is broken with the resync operation. For this feature to work, you need to ensure sufficient headroom in the capacity pools for both the source and the destination volumes.

December 2020

  • Azure Application Consistent Snapshot Tool (Preview)

    Azure Application Consistent Snapshot Tool (AzAcSnap) is a command-line tool that enables you to simplify data protection for third-party databases (SAP HANA) in Linux environments (for example, SUSE and RHEL).

    AzAcSnap uses the volume snapshot and replication functionalities in Azure NetApp Files and Azure Large Instance. It provides the following benefits:

    • Application-consistent data protection
    • Database catalog management
    • Ad hoc volume protection
    • Cloning of storage volumes
    • Support for disaster recovery

November 2020

  • Snapshot revert

    The snapshot revert functionality enables you to quickly revert a volume to the state it was in when a particular snapshot was taken. In most cases, reverting a volume is faster than restoring individual files from a snapshot to the active file system. It's also more space efficient compared to restoring a snapshot to a new volume.

September 2020

  • Azure NetApp Files cross-region replication (Preview)

    Azure NetApp Files now supports cross-region replication. With this new disaster recovery capability, you can replicate your Azure NetApp Files volumes from one Azure region to another in a fast and cost-effective way. It helps you protect your data from unforeseeable regional failures. Azure NetApp Files cross-region replication uses NetApp SnapMirror® technology; only changed blocks are sent over the network in a compressed, efficient format. This proprietary technology minimizes the amount of data required to replicate across the regions, therefore saving data transfer costs. It also shortens the replication time, so you can achieve a smaller Restore Point Objective (RPO).

  • Manual QoS Capacity Pool (Preview)

    In a manual QoS capacity pool, you can assign the capacity and throughput for a volume independently. The total throughput of all volumes created with a manual QoS capacity pool is limited by the total throughput of the pool. It's determined by the combination of the pool size and the service-level throughput. Alternatively, a capacity pool’s QoS type can be auto (automatic), which is the default. In an auto QoS capacity pool, throughput is assigned automatically to the volumes in the pool, proportional to the size quota assigned to the volumes.

  • LDAP signing (Preview)

    Azure NetApp Files now supports LDAP signing for secure LDAP lookups between the Azure NetApp Files service and the user-specified Active Directory Domain Services domain controllers. This feature is currently in preview.

  • AES encryption for AD authentication (Preview)

    Azure NetApp Files now supports AES encryption on LDAP connection to DC to enable AES encryption for an SMB volume. This feature is currently in preview.

  • New metrics:

    • New volume metrics:
      • Volume allocated size: The provisioned size of a volume
    • New pool metrics:
      • Pool Allocated size: The provisioned size of the pool
      • Total snapshot size for the pool: The sum of snapshot size from all volumes in the pool

July 2020

  • Dual-protocol (NFSv3 and SMB) volume

    You can now create an Azure NetApp Files volume that allows simultaneous dual-protocol (NFS v3 and SMB) access with support for LDAP user mapping. This feature enables use cases where you may have a Linux-based workload that generates and stores data in an Azure NetApp Files volume. At the same time, your staff needs to use Windows-based clients and software to analyze the newly generated data from the same Azure NetApp Files volume. The simultaneous dual-protocol access removes the need to copy the workload-generated data to a separate volume with a different protocol for post-analysis. It helps you save storage cost and operational time. This feature is free of charge (normal Azure NetApp Files storage cost still applies) and is generally available. Learn more from the simultaneous dual-protocol access documentation.

  • NFS v4.1 Kerberos encryption in transit

    Azure NetApp Files now supports NFS client encryption in Kerberos modes (krb5, krb5i, and krb5p) with AES-256 encryption, providing you with more data security. This feature is free of charge (normal Azure NetApp Files storage cost still applies) and is generally available. Learn more from the NFS v4.1 Kerberos encryption documentation.

  • Dynamic volume service level change (Preview)

    Cloud promises flexibility in IT spending. You can now change the service level of an existing Azure NetApp Files volume by moving the volume to another capacity pool that uses the service level you want for the volume. This in-place service-level change for the volume doesn't require that you migrate data. It also doesn't affect the data plane access to the volume. You can change an existing volume to use a higher service level for better performance, or to use a lower service level for cost optimization. This feature is free of charge (normal Azure NetApp Files storage cost still applies). It's currently in preview. You can register for the feature preview by following the dynamic volume service level change documentation.

  • Volume snapshot policy (Preview)

    Azure NetApp Files allows you to create point-in-time snapshots of your volumes. You can now create a snapshot policy to have Azure NetApp Files automatically create volume snapshots at a frequency of your choice. You can schedule the snapshots to be taken in hourly, daily, weekly, or monthly cycles. You can also specify the maximum number of snapshots to keep as part of the snapshot policy. This feature is free of charge (normal Azure NetApp Files storage cost still applies) and is currently in preview. You can register for the feature preview by following the volume snapshot policy documentation.

  • NFS root access export policy

    Azure NetApp Files now allows you to specify whether the root account can access the volume.

  • Hide snapshot path

    Azure NetApp Files now allows you to specify whether a user can see and access the .snapshot directory (NFS clients) or ~snapshot folder (SMB clients) on a mounted volume.

May 2020

  • Backup policy users (Preview)

    Azure NetApp Files allows you to include additional accounts that require elevated privileges to the computer account created for use with Azure NetApp Files. The specified accounts will be allowed to change the NTFS permissions at the file or folder level. For example, you can specify a non-privileged service account used for migrating data to an SMB file share in Azure NetApp Files. The Backup policy users feature is currently in preview.

Next steps