Background:
Mixato is an online platform for point of sale financing. It enables users to purchase products in-store and online on a credit basis and make instalment payments. Users must add the platform as the payment option during checkout. It also provides a merchant portal enabling businesses to provide a buy now pay later option for their customers. Mixato is committed to providing a secure and convenient service for consumers,
Challenge:
Legacy file servers are served by Windows Server 2008R2-based VM instances. Files are stored in Standard HDD-based disk arrays in the Nutanix Hyper-Converged platform. Files stored in these servers are mapped as network drives in VDI interfaces using the Active Directory Group Policy Drive Mapping configuration and shall be migrated to Azure
Migration Strategy/Solution:
Many migrations strategies can follow to migrate file servers to the Azure cloud and one or a combination of approaches can be followed during the migration. All approaches support data encryption at rest to meet PCI compliance.
1. Azure VM with Managed Disks (IaaS managed by Client)
Backups taken from on-prem disks shall be uploaded to the cloud and then restored as managed disks in Azure and finally attached to a cloud VM based on Win Server 2019 OS. This approach needs to follow a cut-off migration strategy
2. Azure Files (PaaS managed by Microsoft)
Azure Files migration is considered as the preferred solution due to the following benefits:
Shared access: Azure file shares support the industry-standard SMB and NFS protocols, meaning you can seamlessly replace your on-premises file shares with Azure file shares without worrying about application compatibility. Being able to share a file system across multiple machines, applications/instances is a significant advantage with Azure Files for applications that need shareability.
Fully managed: Azure file shares can be created without the need to manage hardware or an OS. This means you don’t have to deal with patching the server OS with critical security upgrades or replacing faulty hard disks.
Resiliency: Azure Files have been built from the ground up to be always available and durable. Replacing on-premises file shares with Azure Files means you no longer have to wake up to deal with local power outages or network issues. The service offers many options to implement redundancy in the primary region as well as in a secondary region (DR) and provides up to 99.99999999999999% (16 9’s) durability.
Ref: Data redundancy – Azure Storage | Microsoft Docs
Secure: Files stored in Azure Files are encrypted at rest and transmitted over a secure channel. Further network isolation can be achieved using Azure private endpoint where data is not transmitted via the public internet. Built-in integration with Azure Defender detects malware or unusual activities in the Azure Files share.
Automated Backup/Snapshot Support: Azure file share backup service automates taking snapshots and improves data protection and recoverability.
Soft Delete Support: This allows you to recover your file share when it is accidentally deleted with restoring snapshots.
Ref article: Migrate to Azure file shares | Microsoft Docs
The approach uses a combination of AzCopy, RoboCopy, and Azure File Sync agents installed on on-prem file servers. Once data is migrated to the cloud and still wants to achieve hybrid access (Access files from current on-prem file shares without modification), Azure File Sync agent can be installed on on-prem File Server. Please note that the Azure File Sync agent requires Win Server 2012R2 at a minimum and will require current Server 2008R2 servers to be in-place upgraded during the transition period.
For general purpose file shares, standard file shares (HDD based) are preferred and for the workload that requires high throughput and low latency (SSD based), premium file shares are preferred.
3. Azure NetApp File Shares (PaaS managed by Microsoft)
This is an enterprise-scale file share solution powered by NetApp. This solution is expensive to operate, hence is not considered as a solution.
4. OneDrive (SaaS managed by Microsoft)
Personal files and files that require concurrent collaboration can be considered stored in OneDrive. Migrating such files from file servers shall be carried out by end-users with guidance before or after the migration. During the migration, any shared access will need to be granted explicitly by the end user.