During re:Invent 2018 keynote today, Amazon Web Services announced FSx for Windows File Server that will help enterprise customers run Windows applications on the cloud with fully compatibility with their applications and their Windows environments. FSx Windows file system is backed by fully-managed Windows file servers and it can be accessed via the SMB protocol with great throughput, IOPS, and consistent sub-millisecond performance.
FSx for Windows highlights:
- Accessibility & Protocol Support – You can access your shares from Amazon Elastic Compute Cloud (EC2) instances, Amazon WorkSpaces virtual desktops, Amazon AppStream 2.0 applications, and VMware Cloud on AWS. Versions 2.0 through 3.1.1 of SMB are supported, allowing you to use Windows versions starting from Windows 7 and Windows Server 2008, and current versions of Linux (via Samba). Active Directory integration is built in, allowing you to easily integrate with your existing enterprise environment.
- Performance and Tunability – Amazon FSx for Windows File Server delivers consistent, sub-millisecond latency. You can set the file system size and throughput (in megabytes per second) independently, with plenty of latitude in each dimension. File systems can be as big as 64 TB, and can deliver up to 2,048 MB/second of throughput.
- Management – Your file systems are fully managed and data is stored in redundant form within an AWS Availability Zone. You don’t have to worry about attaching and formatting additional storage devices, updating Windows Server, or recovering from hardware failures. Incremental file-system consistent backups are taken automatically every day, with the option to take additional backups when needed.
- Security – You get multiple levels of access control and data protection. File system endpoints are created within Virtual Private Clouds (VPCs) and access is governed by Security Groups. Windows ACLs are used to control access to folders and files; IAM roles are used to control access to administrative functions, with administrative activities logged to AWS CloudTrail. Your data is encrypted in transit and (using a KMS key that you can control) at rest. The service is PCI-DSS compliant and can be used to build HIPAA-compliant applications.
- Multi-AZ Deployment – You create file systems in distinct AWS Availability Zones, and can use Microsoft DFS to set up automatic replication and failover between them. You can also use Microsoft DFS Namespaces to create shared, common namespaces that span multiple file systems and provide up to 300 PB of storage.