As organizations continue to form fluid partnerships and seek more secure solutions than “give the partner VPN access to our network”, cloud-based managed file transfer (MFT) solutions seem like an important area to investigate. If your company wants to share data with another organization, how do you go about doing it today? Do you leverage existing (aging?) FTP infrastructure? Do you have an internet-facing extranet? Have you used email communication for data transfer?
All of those previous options will work, but an offsite (cloud-based) storage strategy is attractive for many reasons. Business partners never gain direct access to your systems/environment, the storage in cloud environments is quite elastic to meet growing needs, and cloud providers offer web-friendly APIs that can be used to easily integrate with existing applications. There are downsides related to loss of physical control over data, but there are ways to mitigate this risk through server-side encryption.
That said, I took a quick look at three possible options. There are other options besides these, but I’ve got some familiarity with all of these, so it made my life easier to stick to these three. Specifically, I compared the Amazon Web Services S3 service, Box.com (formerly Box.net), and Windows Azure Blob Storage.
The criteria along the left of the table are primarily from the Wikipedia definition of MFT capabilities, along with a few additional capabilities that I added.

| Capability | Amazon S3 | Box.com | Windows Azure Blob Storage |
|---|---|---|---|
| Multiple file transfer protocols | HTTP/S (REST, SOAP) | HTTP/S (REST, SOAP) | HTTP/S (REST) |
| Secure transfer over encrypted protocols | HTTPS | HTTPS | HTTPS |
| Secure storage of files | AES-256 provided | AES-256 provided (for enterprise users) | Not out of the box; up to developer |
| Authenticate users against central factors | AWS Identity & Access Management | Uses Box.com identities, SSO via SAML and ADFS | Through Windows Azure Active Directory (and federation standards like OAuth, SAML) |
| Integrate to existing apps with documented API | Rich API | Rich API | Rich API |
| Generate reports based on user and file transfer activities | Can set up data access logs | Comprehensive controls | Apparently custom; none found. |
| Individual file size limit | 5 TB | 2 GB (for business and enterprise users) | 200 GB for block blob, 1 TB for page blob |
| Total storage limits | Unlimited | Unlimited (for enterprise users) | 5 PB |
| Pricing scheme | Pay monthly for storage, transfer out, requests | Per user | Pay monthly for storage, transfer out, requests |
| SLA offered | 99.999999999% durability and 99.99% availability of objects | ? | 99.9% availability |
| Other key features | Content expiration policies, versioning, structured storage options | Polished UI tools for users and administrators; integration with apps like Salesforce.com | Access to other Azure services for storage, compute, integration |

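For the S3 column, the HTTPS and AES-256 rows can be enforced with a bucket policy instead of being left to each partner's client. The sketch below is an added example, not code from the original post: the bucket name is a placeholder, and `missing_controls` is a hypothetical helper that does a simple structural check, not a full IAM policy evaluation.

```python
# Added example: placeholder bucket name; structural audit, not a full IAM evaluator.
BUCKET = "example-partner-exchange"  # assumption, not from the post

def build_policy(bucket):
    """Bucket policy that denies non-HTTPS requests and non-AES256 uploads."""
    arn = f"arn:aws:s3:::{bucket}"
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Sid": "DenyInsecureTransport", "Effect": "Deny", "Principal": "*",
             "Action": "s3:*", "Resource": [arn, f"{arn}/*"],
             "Condition": {"Bool": {"aws:SecureTransport": "false"}}},
            # A negated operator also matches when the header is absent,
            # so uploads that omit the SSE header are denied too.
            {"Sid": "DenyUnencryptedUploads", "Effect": "Deny", "Principal": "*",
             "Action": "s3:PutObject", "Resource": f"{arn}/*",
             "Condition": {"StringNotEquals":
                           {"s3:x-amz-server-side-encryption": "AES256"}}},
        ],
    }

def missing_controls(policy):
    """Return which of the two controls no blanket Deny statement enforces."""
    required = {"tls-only", "sse-aes256"}
    stmts = policy.get("Statement", [])
    if isinstance(stmts, dict):          # a single statement may be a bare object
        stmts = [stmts]
    found = set()
    for st in stmts:
        if st.get("Effect") != "Deny" or st.get("Principal") not in ("*", {"AWS": "*"}):
            continue
        actions = st.get("Action", [])
        actions = [actions] if isinstance(actions, str) else actions
        cond = st.get("Condition", {})
        tls = str(cond.get("Bool", {}).get("aws:SecureTransport", "")).lower()
        sse = cond.get("StringNotEquals", {}).get("s3:x-amz-server-side-encryption")
        if tls == "false" and "s3:*" in actions:
            found.add("tls-only")
        if sse == "AES256" and ("s3:PutObject" in actions or "s3:*" in actions):
            found.add("sse-aes256")
    return sorted(required - found)

# Constructed sample: a policy that enforces HTTPS but forgot the encryption rule.
WEAK_POLICY = {"Version": "2012-10-17",
               "Statement": [build_policy(BUCKET)["Statement"][0]]}

if __name__ == "__main__":
    import json
    print(json.dumps(build_policy(BUCKET), indent=2))
    print("weak policy is missing:", missing_controls(WEAK_POLICY))
```
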
Overall, there are some nice options out there. Amazon S3 is great for pay-as-you-go storage with a very mature foundation and enormous size limits. Windows Azure is new at this, but it provides good identity federation options and good pricing and storage limits. Box.com is clearly the most end-user-friendly option and a serious player in this space. All have good-looking APIs that developers should find easy to work with.
Have any of you used these platforms for data transfer between organizations?