Review your storage options
Storage capabilities are critical for supporting workloads and services that are hosted in the cloud. As you prepare for your cloud adoption, review this information to plan for your storage needs.
Select storage tools and services to support your workloads
Azure Storage is the Azure platform's managed service for providing cloud storage. Azure Storage is composed of several core services and supporting features. Storage in Azure is highly available, secure, durable, scalable, and redundant. Use these scenarios and considerations to choose Azure services and architectures. For more information, see Azure Storage documentation.
Answer the following questions about your workloads to help make decisions about your storage needs:
Do your workloads require disk storage to support the deployment of infrastructure as a service (IaaS) virtual machines? Azure managed disks provide virtual disk capabilities for IaaS virtual machines.
Will you need to provide downloadable images, documents, or other media as part of your workloads? Azure Blob Storage hosts static files, which are then accessible for download over the internet. For more information, see Static website hosting in Azure Storage.
Will you need a location to store virtual machine logs, application logs, and analytics data? You can use Blob Storage to store Azure Monitor log data. See Azure Storage Analytics.
Will you need to provide a location for backup, disaster recovery, or archiving workload-related data? Blob Storage provides backup and disaster recovery capabilities. For more information, see Backup and disaster recovery for Azure IaaS disks.
You can also use Blob Storage to back up other resources, like on-premises or IaaS virtual machine-hosted SQL Server data. See SQL Server Backup and Restore.
Will you need to support big data analytics workloads? Azure Data Lake Storage Gen2 is built on Azure Blob Storage. Data Lake Storage Gen2 supports large-enterprise data lake functionality. It also can handle storing petabytes of information while sustaining hundreds of gigabits of throughput.
Will you need to provide cloud-native file shares? Azure has two services that provide cloud-hosted file shares:
- Azure NetApp Files provides high-performance NFS and SMB shares, with advanced data management features such as snapshots and cloning, that are well suited to common enterprise workloads like SAP.
- Azure Files provides file shares accessible over SMB 3.0 and HTTPS.
Will you need to support hybrid cloud storage for on-premises high-performance computing (HPC) workloads? Avere vFXT for Azure is a hybrid caching solution. You can expand your on-premises storage capabilities by using cloud-based storage. Avere vFXT for Azure is optimized for read-heavy HPC workloads that involve 1,000 to 40,000 CPU cores. Avere vFXT for Azure can integrate with on-premises hardware network attached storage (NAS), Blob Storage, or both.
Will you need to perform large-scale archiving and syncing of your on-premises data? Azure Data Box products are designed to help you move large amounts of data from your on-premises environment to the cloud.
- Azure Data Box Gateway is a virtual device that's on-premises. Data Box Gateway helps you manage large-scale data migration to the cloud.
- Azure Stack Edge accelerates processing and the secure transfer of data to Azure. If you need to analyze, transform, or filter data before you move it to the cloud, use Azure Data Box.
Do you want to expand an existing on-premises file share to use cloud storage? Azure File Sync lets you use the Azure Files service as an extension of file shares that are hosted on your on-premises Windows Server computers. The syncing service transforms Windows Server into a quick cache of your Azure file share. It allows your on-premises computers that access the share to use any protocol that's available on Windows Server.
Common storage scenarios
Azure offers multiple products and services for different storage capabilities. The following table describes potential storage scenarios and the recommended Azure services.
Block storage scenarios
|Scenario||Suggested Azure services||Considerations for suggested services|
|I have bare-metal servers or virtual machines (Hyper-V or VMware) with direct attached storage running line-of-business applications.||Azure Premium SSD||For production services, Premium SSD option provides consistent low-latency coupled with high input/output operations per second (IOPS) and throughput.|
|I have servers that will host web and mobile apps.||Azure Standard SSD||Standard SSD IOPS and throughput might be sufficient at a lower cost than Premium SSD for CPU-bound web and application servers in production.|
|I have an enterprise SAN or all-flash array.||Premium SSD or Azure Ultra Disk Storage or Azure NetApp Files||Ultra Disk Storage is NVMe-based and offers submillisecond latency with high IOPS and bandwidth. Ultra Disk Storage is scalable up to 64 TB. The choice of Premium SSD or Ultra Disk Storage depends on peak latency, IOPS, and scalability requirements.|
|I have high-availability clustered servers, such as SQL Server FCI or Windows Server failover clustering.||Azure Files or Premium SSD or Ultra Disk Storage||Clustered workloads require multiple nodes to mount the same underlying shared storage for failover or high availability. Premium file shares offer shared storage that's mountable by using SMB. Shared block storage also can be configured on Premium SSD or Ultra Disk Storage by using partner solutions. See SIOS DataKeeper Cluster Edition.|
|I have a relational database or data warehouse workload, such as SQL Server or Oracle.||Premium SSD or Ultra Disk Storage||The choice of Premium SSD or Ultra Disk Storage depends on peak latency, IOPS, and scalability requirements. Ultra Disk Storage also reduces complexity by removing the need for storage pool configuration for scalability. See Mission critical performance.|
|I have a NoSQL cluster such as Cassandra or MongoDB.||Premium SSD||Azure disk storage Premium SSD provides consistent low-latency coupled with high IOPS and throughput.|
|I have containers with persistent volumes.||Azure Files or Standard SSD, Premium SSD, or Ultra Disk Storage||File (RWX) and block (RWO) volumes driver options are available for both Azure Kubernetes Service and custom Kubernetes deployments. Persistent volumes can map to either an Azure disk storage disk or a managed Azure Files share. Choose premium versus standard options based on workload requirements for persistent volumes.|
|I have a data lake such as a Hadoop cluster for HDFS data.||Data Lake Storage Gen2 or Standard SSD or Premium SSD||The Data Lake Storage Gen2 feature of Blob Storage provides server-side HDFS compatibility and petabyte scale for parallel analytics. It also offers high availability and reliability. Software like Cloudera can use Premium SSD or Standard SSD on controller/worker nodes, if needed.|
|I have an SAP or SAP HANA deployment.||Premium SSD or Ultra Disk Storage||Ultra Disk Storage is optimized to offer submillisecond latency for tier-1 SAP workloads. Premium SSD, coupled with M-series virtual machines, offers a general-availability option.||For the highest throughput at low latency, use Azure NetApp Files for your SAP and SAP HANA deployment.|
|I have a disaster re covery site with strict RPO/RTO that syncs from my primary servers.||Azure page blobs||Page blobs are used by replication software to enable low-cost replication to Azure without the need for compute virtual machines until failover occurs. For more information, see Backup and disaster recovery for Azure IaaS disks. Note: Page blobs support a maximum of 8 TB.|
File and object storage scenarios
|Scenario||Suggested Azure services||Considerations for suggested services|
|I use Windows file server.||Azure Files or Azure File Sync||With Azure File Sync, you can store rarely used data on cloud-based file shares while caching your most frequently used files on-premises. You can also keep files in sync across multiple servers. If you plan to migrate your workloads to a cloud-only deployment, Azure Files might be sufficient.||For larger deployments that have strict requirements for high throughput and low latency, use Azure NetApp Files.|
|I have an enterprise network attached storage such as NetApp or Dell-EMC Isilon.||Azure NetApp Files or Azure Files (premium)||If you have an on-premises deployment of NetApp, consider using Azure NetApp Files to migrate your deployment to Azure. If you're using or migrating to a Windows or Linux server, consider using Azure Files. Also, if you have basic file-share needs, consider using Azure Files. For continued on-premises access, use Azure File Sync to sync file shares with on-premises file shares by using a cloud-tiering mechanism. Cloud tiering uses your server as a cache for the relevant files while scaling cold data in Azure file shares.|
|I have an SMB or NFS file share.||Azure Files or Azure NetApp Files||The choice of premium or standard Azure Files tiers depends on IOPS, throughput, and your need for latency consistency. If you have an on-premises deployment of NetApp, consider using Azure NetApp Files. If you need to migrate your access control lists and timestamps to the cloud, Azure File Sync can bring these settings to your Azure file shares.|
|I have an on-premises object storage system for petabytes of data, such as Dell-EMC ECS.||Blob Storage||Azure Blob Storage provides premium, hot, cool, and archive tiers to match your workload performance and cost needs.|
|I have a Distributed File System Replication deployment or another way of handling branch offices.||Azure Files or Azure File Sync||Azure File Sync offers multisite sync for multiple servers and native Azure file shares. Move to a fixed storage footprint on-premises by using cloud tiering.|
|I have a tape library for backup and disaster recovery or long-term data retention.||Blob Storage||A Blob Storage archive tier has the lowest possible cost. It might require hours to copy the offline data to a cool, hot, or Premium tier to allow access. Cool tiers provide instantaneous access at low cost.|
|I have file or object storage configured to receive my backups.||Blob Storage or Azure File Sync||To back up data for long-term retention with lowest-cost storage, move data to Blob Storage and use cool and archive tiers. To enable fast disaster recovery for file data on a server, sync shares to individual Azure file shares by using Azure File Sync. With Azure file share snapshots, you can restore earlier versions. Sync them back to connected servers or access them natively in the Azure file share.|
|I run data replication to a disaster recovery site.||Azure Files, Azure NetApp Files or Azure File Sync||Azure File Sync removes the need for a disaster recovery server and stores files in native Azure SMB shares. Fast disaster recovery rebuilds any data on a failed on-premises server quickly. You can even keep multiple server locations in sync or use cloud tiering to store only relevant data on-premises.
Azure NetApp Files provides a storage based feature called Cross region replication which can be used to replicate data to other Azure regions which does not use any VM or application server resources, and is highly optimized to replicate only changed data blocks between updates.
|I manage data transfer in disconnected scenarios.||Azure Stack Edge or Data Box Gateway||Using Data Stack Edge or Data Box Gateway, you can copy data in disconnected scenarios. When the gateway is offline, it saves all files you copy in the cache, then uploads them when you're connected.|
|I manage an ongoing data pipeline to the cloud.||Azure Stack Edge or Data Box Gateway||Move data to the cloud from systems that are constantly generating data by having them copy that data to the storage gateway.|
|I have bursts of data that arrive at the same time.||Azure Stack Edge or Data Box Gateway||Manage large quantities of data that arrive at the same time. Some examples are when an autonomous car pulls into the garage or a gene sequencing machine finishes its analysis. Copy all that data to Data Box Gateway at fast local speeds. Then, let the gateway upload it as your network allows.|
Plan based on data workloads
|Scenario||Suggested Azure services||Considerations for suggested services|
|I want to develop a new cloud-native application that needs to persist unstructured data.||Blob Storage|
|I need to migrate data from an on-premises NetApp instance to Azure.||Azure NetApp Files|
|I need to migrate data from on-premises Windows file server instances to Azure.||Azure Files|
|I need to move file data to the cloud but continue to primarily access the data from on-premises.||Azure Files or Azure File Sync|
|I need to support burst compute. I have NFS/SMB read-heavy, file-based workloads with data assets that are on-premises while computation runs in the cloud.||Avere vFXT for Azure||IaaS scale-out NFS/SMB file caching.|
|I need to move an on-premises application that uses a local disk or iSCSI.||Azure disk storage|
|I need to migrate a container-based application that has persistent volumes.||Azure disk storage or Azure Files|
|I need to move file shares that aren't on Windows Server or NetApp to the cloud.||Azure Files or Azure NetApp Files||Protocol supports regional availability performance requirements snapshot and clone capabilities price sensitivity.|
|I need to transfer terabytes to petabytes of data from on-premises to Azure.||Azure Stack Edge|
|I need to process data before transferring it to Azure.||Azure Stack Edge|
|I need to support continuous data ingestion in an automated way by using local cache.||Data Box Gateway|
Learn more about Azure storage services
After you identify the Azure tools that best match your requirements, use this detailed documentation to learn more about these services:
|Azure Blob Storage||Blob Storage is an object storage solution for the cloud. Blob Storage is optimized for storing massive amounts of unstructured data. Unstructured data is data that doesn't adhere to a specific data model or definition, such as text or binary data.
Use Blob Storage for the following needs:
|Data Lake Storage Gen2||Blob Storage supports Data Lake Storage Gen2, Microsoft's enterprise big data analytics solution for the cloud. Data Lake Storage Gen2 offers a hierarchical file system, with the advantages of Blob Storage. It also includes low-cost tiered storage, high availability, strong consistency, and disaster recovery capabilities.|
|Azure disk storage||Azure disk storage offers persistent, high-performance block storage to power Azure Virtual Machines. Azure disks are highly durable, secure, and offer the industry's only single-instance, service-level agreement (SLA) for virtual machines that use Azure Premium SSD or Azure Ultra Disk Storage. Azure disks provide high availability with availability sets and availability zones for your Azure Virtual Machines fault domains. Azure manages disks as a top-level resource. Azure Resource Manager capabilities are provided, such as Azure role-based access control (Azure RBAC), policy, and tagging by default.|
|Azure Files||Azure Files provides fully managed, native SMB file shares, without the need to run a virtual machine. You can mount an Azure Files share as a network drive to any Azure virtual machine or on-premises computer.|
|Azure File Sync||Use Azure File Sync to centralize your file shares in Azure Files. Azure File Sync offers the flexibility, performance, and compatibility of an on-premises file server.|
|Azure NetApp Files||The Azure NetApp Files service is an enterprise-class, high-performance, metered file storage service. Azure NetApp Files supports any workload type and is highly available by default. You can select service and performance levels and set up snapshots through the service.|
|Azure Stack Edge||Azure Stack Edge is an on-premises network device that moves data into and out of Azure. Data Stack Edge has AI-enabled edge compute to pre-process data during upload. Data Box Gateway is a virtual version of the device but with the same data transfer capabilities.|
|Data Box Gateway||Data Box Gateway is a storage solution that enables you to seamlessly send data to Azure. It's a virtual device based on a virtual machine provisioned in your virtualized environment or hypervisor. The virtual device is on-premises and you write data to it by using the NFS and SMB protocols. The device then transfers your data to Azure block blobs, page blobs, or to Azure Files.|
|Avere vFXT for Azure||Avere vFXT for Azure is a filesystem caching solution for data-intensive HPC tasks. Take advantage of cloud computing's scalability to make your data accessible, even for data that's stored in your own on-premises hardware.|
Data redundancy and availability
Azure Storage has various redundancy options to help ensure durability and high availability based on your needs.
- Locally redundant storage
- Zone-redundant storage
- Geo-redundant storage (GRS)
- Read-access GRS (RA-GRS)
- Geo-zone-redundant storage (GZRS)
To learn more about these capabilities and how to decide on the best redundancy option for your use cases, see Azure Storage redundancy.
SLAs for storage services provide financially backed guarantees. For more information, see SLA for managed disks, SLA for virtual machines, and SLA for storage accounts.
For help with planning the right solution for Azure disks, see Backup and disaster recovery for Azure disk storage.
To help protect your data in the cloud, Azure Storage offers several best practices for data security and encryption:
- Secure the storage account by using Azure RBAC and Azure Active Directory (Azure AD).
- Secure data in transit between an application and Azure by using client-side encryption, HTTPS, or SMB 3.0.
- Set data to be encrypted when it's written to Azure Storage by using Azure Storage encryption.
- Grant delegated access to the data objects in Azure Storage by using shared access signatures.
- Use analytics to track the authentication method that someone is using when they access storage in Azure.
These security features apply to Azure Blob Storage (block and page) and to Azure Files. For more information, see Security recommendations for Blob Storage.
Azure Storage provides encryption at rest and safeguards your data. Azure Storage encryption is enabled by default for managed disks, snapshots, and images in all the Azure regions. All new managed disks, snapshots, images, and new data written to existing managed disks are encrypted at rest using keys managed by Microsoft. For more information, see Azure Storage encryption and Managed disks and storage service encryption.
Azure Disk Encryption lets you encrypt managed disks that are attached to IaaS virtual machines at rest and in transit. Azure Key Vault stores your keys. For Windows, encrypt the drives by using industry-standard BitLocker encryption technology. For Linux, encrypt the disks by using the dm-crypt subsystem. The encryption process integrates with Azure Key Vault so you can control and manage the disk encryption keys. For more information, see Azure Disk Encryption for virtual machines and virtual machine scale sets.
You can use Azure to deliver scaled services to reach your customers and partners wherever they are. Checking the regional availability of a service beforehand can help you make the right decision for your workload and customer needs. To check availability, see Managed disks available by region and Azure Storage available by region.
Managed disks are available in all Azure regions that have Azure Premium SSD and Standard SSD offerings. Azure Ultra Disk Storage is offered in several availability zones. Verify the regional availability when you plan mission-critical, top-tier workloads that require Ultra Disk Storage.
Hot and cool Blob Storage, Data Lake Storage Gen2, and Azure Files storage are available in all Azure regions. Archival blob storage, premium file shares, and premium lock Blob Storage are limited to certain regions. Refer to the regions page to check the current status.
To learn more about Azure global infrastructure, see Azure geographies. Consult Products available by region for storage options available in each Azure region.
Data residency and compliance requirements
Legal and contractual requirements that are related to data storage often apply to your workloads. These requirements depend on the location of your organization, the jurisdiction of the physical assets that host your data stores, and your business sector. Consider data classification, data location, and the respective responsibilities for data protection under the shared responsibility model. For more information, see Enabling Data Residency and Data Protection in Microsoft Azure Regions.
Part of your compliance efforts might include controlling where your database resources are physically located. Azure regions are organized into groups called geographies. An Azure geography ensures that data residency, sovereignty, compliance, and resiliency requirements are honored within geographical and political boundaries. If your workloads are subject to data sovereignty or other compliance requirements, deploy your storage resources to regions that are in a compliant Azure geography. For more information, see Azure geographies.
Submit and view feedback for