Skip to content

Azure Blob Storage vs Azure File Storage

Azure Blob vs File Storage

Are you confused about which Azure Storage Service to use, for mapping a drive, or just dumping large amounts of data in to? This post goes indepth in to the differences between Azure Blob Storage and Azure File Services.

Azure Storage Comparison

Azure Storage

What is Azure Blob Storage?

Azure Blob Storage (Blob is the acronym Microsoft has given called Binary Large Object) is storage provided by Microsoft in their Azure Cloud Environments. Blob Storage is for unstructured data, more importantly its an object store for storing large amounts of data. Each object (or blob) is stored in a flat name space, and to the user looks as if it is stored within a directory like structure. 

What is Azure File Storage?

Azure File Storage is a fully managed cloud based file service also provided by Microsoft in their Azure Cloud environments. This storage is for Structured Data, and can provide connectivity to end user devices. Think of it as a File Server that you traditionally had on-premise, that now you no longer have to manage as Microsoft has taken care of that. Folders and Files can be nested within other Folders as in the example picture below.

How can I connect to Azure Blob Storage?

With Azure Blob Storage access is provided over HTTPS, so you cant traditionally mount Blob Storage as a mapped network drive to a Virtual Machine or Users desktop. 

 

You can however browse all the Azure Blobs contained within this Storage Account through your web browser, using Microsoft’s Azure Storage Explorer, the Azure Storage Rest API, Powershell or even the Azure CLI. Alternatively, you can use our software, Cloud Storage Manager to do the same thing and more.

 

How can I connect to Azure File Storage?

As stated before, Azure File Services is more like your standard file server, in that you can create multiple network shares with folders and files within. These shares can of course be mapped directly to your machines as a network drive using the SMB protocol. To map a network drive to an Azure File Share, Microsoft lets you create a login script direct from the Azure Portal using powershell to connect the share.

Here is an example powershell script to connect an Azure File share to a users computer as a Y drive mapping.

$connectTestResult = Test-NetConnection -ComputerName storageaccountname.file.core.windows.net -Port 445

if ($connectTestResult.TcpTestSucceeded) {

    # Save the password so the drive will persist on reboot

    cmd.exe /C “cmdkey /add:`”storageaccountname.file.core.windows.net`” /user:`”localhost\storageaccoun`” /pass:`”longpasswordabcdefghijklmnopqrstuvwxyz`””

    # Mount the drive

    New-PSDrive -Name Y -PSProvider FileSystem -Root “\\storageaccountname.file.core.windows.net\fileservicestest” -Persist

} else {

    Write-Error -Message “Unable to reach the Azure storage account via port 445. Check to make sure your organization or ISP is not blocking port 445, or use Azure P2S VPN, Azure S2S VPN, or Express Route to tunnel SMB traffic over a different port.”

}

With Azure Files you can also set NTFS permissions on the shares, folders and files. Additionally you can integrate this service with your Azure AD so that permissions can be set using normal AD groups and users. 

One thing that differentiates Azure File Services from an on-premise File Server is that you can access the folders and files from anywhere with an internet connection.

Allow access to Azure Storage Account using a Shared Access Signature

The Shared Access Signature can be created to allow access over HTTP or HTTPS for a limited time to any of the Azure Storage Services. This includes Blob, File, Queue and Table Services. 

You can be granular with the access you want to provide. Perhaps you have a third party that you only want to give access to your data and  certain services for a fixed amount of time. 

Options you can choose are;

  • Allowed Services;
    • Blob
    • File
    • Queue
    • Table
  • Allowed Resource Types
    • Service
    • Container
    • Object
  • Allowed Permissions
    • Read
    • Write
    • Delete
    • List
    • Add
    • Create
    • Update
    • Process
    • Immutable Storage
Choose this options carefully, as you can see you can be as granular as you want to allow access to your Azure Storage Accounts. 

Whats a Use Case Example for Azure Blob Storage?

Azure Blob Storage has several use cases. Its great for the following types of data storage;

  • Serving documents, images or videos direct to a browsers.
  • Storing of files for quick and easy access 
  • Streaming video and audio
  • Great for dumping of logs files for analysis
  • A good target for backup files, archiving and disaster recovery.

Whats a Use Case Example for Azure File Storage?

Azure File Services is great for the following use cases;

  • Replacing or supplementing your on-premise File Servers
  • Allowing network share access to anywhere in the world with an internet connection
  •  Lift and Shift your applications to the Cloud that require a network share
  • Improving the resilience and uptime of your network shares
  • Removing the need to patch and maitain Windows File Servers

So what are the main differences between Azure Blob Storage and Azure File Services?

Item

Azure Blob Storage

Azure File Services

Tiering
Hot
Cool
Archive
Premium
Transaction Optimized
Hot
Cool
Note – No Archive Tier available for Azure File Services
Authentication
SAS Token
Storage Access Keys
Azure AD Integration
Anonymous public read access
SAS Token
Storage Access Keys
Azure AD
On-Premise Active Directory – Synced with Azure AD
Redundancy
LRS – Locally Redundant Storage
ZRS – Zone Redundant Storage
GRS – Geo Redundant Storage
GZRS – Geo Zone Redundant Storage
LRS – Locally Redundant Storage
ZRS – Zone Redundant Storage
GRS – Geo Redundant Storage
GZRS – Geo Zone Redundant Storage
Maximum Size
500TB 100TiB per File Share
Maximum File Size
Azure BLOBs are 2 types; Page and Block.
Max Page is 8TiB, max block is 200TiB
1 TB per File
Authentication
SAS Token
Storage Access Keys
Azure AD Integration
Anonymous public read access

SAS Token
Storage Access Keys
Azure AD Integration

On-Premise Active Directory – Synced with Azure AD

Leave a Reply