NETAPP

Azure NetApp Files

Azure NetApp Files is an Azure native, first-party, enterprise-class, high-performance file storage service. Customers can create and manage high-performance, highly available, and scalable file shares by using the same protocols and tools that NetApp on premise customers are familiar with.

Features

• Protocols supported NFSv3, NFSv4.1, SMB 3.0, SMB 3.1.1
• Data at rest encryption at both software and hardware layer
• Windows AD integration
• Accessed via Azure and on-premise
• Billing through Azure, logical space
• Snapshot, Clone, and Sync

Benefits

• Quickly provision NFS and/or SMB shares in the cloud
• Double encryption adds hardware-level encryption at the physical storage device
• Migrate enterprise applications to cloud
• Dynamically adapt performance to capacity requirements
• Pay what you use billing through Azure
• Cross region data replication for building disaster recovery solutions
• Use Azure portal , CLI, PowerShell, or REST API.
• Extreme performance for SAP HANA, HPC and VDI
• 99.99 percent availability for ANF
• Dynamically adapt allocation (capacity to pay) to capacity requirements

£0.12 to £0.50 a gigabyte a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at chris.roberts@netapp.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

817376990766695

Contact

Chris Roberts
07920284901
chris.roberts@netapp.com

Service scope

• Service constraints: Constraints that might include planned maintenance arrangements or support being limited to specific hardware configurations at NetApp Inc are outlined in their policies and practices. These constraints ensure that maintenance and support are aligned with specific hardware configurations to optimize performance and ensure compatibility. By adhering to these constraints, NetApp can provide more efficient and effective maintenance services, minimizing any potential risks or issues that may arise from incompatible hardware configurations. This approach also allows NetApp to streamline their maintenance processes and allocate resources more effectively.
• System requirements:
  • Requires a NetApp account be setup
  • SMB requires an Active Directoy (AD)
  • NFSv4.1 with Kerberos and NFSv3 with extended groups require AD

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support for ANF is handled by Azure Support. ; See https://azure.microsoft.com/en-us/support/options/
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AAA
• Web chat accessibility testing: Microsoft's consideration of EN 301 549 in the development of products and services points to its commitment to accessibility for all customers; https://www.microsoft.com/nl-nl/trust-center/compliance/accessibility
• Onsite support: Onsite support
• Support levels: Azure Rapid Response Support is he fastest response time Microsoft offers: 15 minutes for all critical issues, prioritized engineering engagement and deeper technical Azure expertise. ; file:///C:/Users/graa/Downloads/Azure%20Rapid%20Response%20Datasheet.pdf; ; Microsoft Unified Enterprise Support ; Response times:; – Critical Sev 1: 15-min for Azure/1-hour for all other products; – 1-hour Sev A/2-hour Sev B/4-hour Sev C; https://www.microsoft.com/en-us/unifiedsupport/details; ; Azure Support: Professional Direct (ProDirect); Fastest initial response of one hour or less for high-severity support requests; Escalation management for priority issues; Pooled team of ProDirect Managers provide account management; https://azure.microsoft.com/en-gb/support/plans/prodirect; ; All support pricing needs to be obtained by Microsoft
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: NetApp offer a free onboarding session to learn performance tips and networking setup to achieve maximum benefit from day one.; https://bluexp.netapp.com/ma-anf-lp-aware-register
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The customer can carry out a file migration out of Azure NetApp Files to a destination of their choice if they no longer wish to utilise the service. As the invoicing from Microsoft is based on usage - it would have no impact on contracts and billing would be updated to reflect their exit of the service from the next month.
• End-of-contract process: The customer can carry out a file migration out of Azure NetApp Files to a destination of their choice if they no longer wish to utilise the service. As the invoicing from Microsoft is based on usage - it would have no impact on contracts and billing would be updated to reflect their exit of the service from the next month.

Using the service

• Web browser interface: Yes
• Using the web interface: Azure enables you to create and manage support requests, also known as support tickets. You can create and manage requests in the Azure portal, which is covered in this article. You can also create and manage requests programmatically, using the Azure support ticket REST API, or by using Azure CLI.; ; https://learn.microsoft.com/en-us/azure/azure-portal/supportability/how-to-create-azure-support-request
• Web interface accessibility standard: WCAG 2.1 AAA
• Web interface accessibility testing: Microsoft's consideration of EN 301 549 in the development of products and services points to its commitment to accessibility for all customers; ; https://www.microsoft.com/nl-nl/trust-center/compliance/accessibility
• API: Yes
• What users can and can't do using the API: The REST API for the Azure NetApp Files service defines HTTP operations against resources such as the NetApp account, the capacity pool, the volumes, and snapshots.; ; When the API limit has been exceeded, the HTTP response code is 429; ; All details including specification, considerations, a guide to Install, examples and Next Steps when using REST API can be found in the below - ; https://learn.microsoft.com/en-us/azure/azure-netapp-files/azure-netapp-files-develop-with-rest-api
• API automation tools:
  • Ansible
  • Chef
  • OpenStack
  • SaltStack
  • Terraform
  • Puppet
  • Other
• Other API automation tools: Trident
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• Command line interface: Yes
• Command line interface compatibility: Linux or Unix
• Using the command line interface: ANF is an Azure 1st party native service that is REST API driven. The service can also be controlled using Azure CLI.

Scaling

• Scaling available: Yes
• Scaling type: Manual
• Independence of resources: Azure NetApp Files uses a QoS method to assign throughput to volumes. The only SLA that Microsoft supplies for ANF is availability.
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types: Other
• Other metrics:
  • Allocated storage
  • Actual storage usage
  • Volume IOPS
  • Latency
• Reporting types:
  • API access
  • Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Backup and restore full volumes
  • Snapshot volumes
• Backup controls: Azure NetApp Files backup supports policy-based (scheduled) backups and manual (on-demand) backups at the volume level. You can use both types of backups in the same volume. During the configuration process, you will enable the backup feature for an Azure NetApp Files volume before policy-based backups or manual backups can be taken.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery: Users can recover backups themselves, for example through a web interface

Data-in-transit protection

• Data protection between buyer and supplier networks: Private network or public sector network
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Guaranteed availability of 99.99%; ; If Microsoft do not achieve and maintain the Service Levels for each Service as described in the SLA, then a customer may be eligible for a credit towards a portion of their monthly service fees.; ; Terms including How to Claim can be found on the latest published SLA agreement below:; https://azure.microsoft.com/en-us/support/legal/sla/netapp/v1_1/
• Approach to resilience: Whether it’s a single hardware node failure, a rack level failure, a datacenter outage, or a large-scale regional outage, Azure provides solutions that improve reliability with built in services.; ; Availability sets ensure that the virtual machines deployed on Azure are distributed across multiple isolated hardware nodes in a cluster. Availability zones protect customers’ applications and data from datacenter failures across multiple physical locations within a region.; ; Availability zones, which are separated groups of datacenters within a region. Availability zones are close enough to have low-latency connections to other availability zones. They're connected by a high-performance network with a round-trip latency of less than 2ms. However, availability zones are far enough apart to reduce the likelihood that more than one will be affected by local outages or weather and have independent power, cooling, and networking infrastructure. They're designed so that if one zone experiences an outage, then regional services, capacity, and high availability are supported by the remaining zones. They help your data stay synchronized and accessible when things go wrong.; ; Datacenter locations are selected by using rigorous vulnerability risk assessment criteria. This process identifies all significant datacenter-specific risks and considers shared risks between availability zones.
• Outage reporting: The Azure Service Health dashboard keeps you informed about the health of your environment. It provides a personalized view of the status of your Azure services in the regions where they are used. The dashboard provides upcoming planned maintenance and relevant health advisories while allowing you to manage service health alerts.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google apps)
• Access restrictions in management interfaces and support channels: Service is managed by an SRE team with well-defined membership
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
• Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Unknown as its Microsofts Assessment and certification
• ISO/IEC 27001 accreditation date: 11/06/2023
• What the ISO/IEC 27001 doesn’t cover: Reports can be found here ; https://servicetrust.microsoft.com/viewpage/ISOIEC
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 06/12/2023
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: This is a Microsoft service, STAR certification reports can be found here - https://cloudsecurityalliance.org/star/registry/microsoft/services/microsoft-azure
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: SOC2 Type 1

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • ISO/IEC 27001
• Information security policies and processes: Cloud Security and Compliance team governs all the cloud services and maintains policies and procedures to be followed. Such policies and procedures are as below:; • Vulnerability Management Standard and Procedure; • Hardening and Patch Management Procedure; • Access Control Policy and Procedure; • Asset Management Policy ; • Logging and Monitoring Policy and Procedure; • Backup and Restoration Policy and Procedure; • Cryptography Policy and Procedure; • Risk Assessment Procedure; • Secure Development Policy and Procedure; • Change and Release Management Procedure; • Logical Security Procedure; • Document Control Procedure; • Physical Security Procedure; • Incident Management and root cause analysis Procedure; ; This central team manages security (confidentiality,integrity &availability) across the portfolio. Theyensure information assets operate an acceptable level of protection and embed leading security practices.; They also ensure compliance with leading authoritative standards and maintain commercial certifications like SOC 2,ISO,FedRAMP,HIPAA.; Policies andprocedures are appropriately shared across all the groups. Any individual who violates policy may be subject to disciplinary action, up to and including termination from employment, in accordance with NetApp's Code of Conduct. Adherence is assessed by internal audit periodically. External Audits also takes place atleast once annually to ensure all the security practices are performed and managedeffectively.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All systems including applications, third party components, infrastructure and configurations are scanned for vulnerability. The results from the scans are securely communicated to the appropriate teams in a timely manner. Remediation tracking process is established and followed to ensure records of vulnerability and their remediation/ closure are maintained. Risk assessment is done for the vulnerabilities while it is triaged. Critical patches are deployed on priority as part of emergency change. NetApp tracks vulnerabilities from multiple sources such as NVD Feeds, US-CERT mailer, and OSS mailers.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: All systems including applications, third party components, infrastructure and configurations are scanned for vulnerability. The results from the scans are securely communicated to the appropriate teams in a timely manner. Remediation tracking process is established and followed to ensure records of vulnerability and their remediation/ closure are maintained. Risk assessment is done for the vulnerabilities while it is triaged. Critical patches are deployed on priority as part of emergency change. NetApp tracks vulnerabilities from multiple sources such as NVD Feeds, US-CERT mailer, and OSS mailers.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Microsoft invests over USD1 billion annually on cybersecurity research and development.; Microsoft employs more than 3,500 security experts focused on securing your data and privacy.; Azure has more certifications than any other cloud provider. View the comprehensive list. https://docs.microsoft.com/en-us/compliance/regulatory/offering-home?view=o365-worldwide
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Microsoft cloud services are continuously monitored for signs of compromise. In addition to automated security monitoring and alerting, all employees receive annual training to recognize and report signs of potential security incidents. Any suspicious activity detected by employees, customers, or security monitoring tools are escalated to Service-specific Security Response teams for investigation. All service operations teams, including Service-specific Security Response teams, maintain a deep on-call rotation to ensure resources are available for incident response 24x7x365. Our on-call rotations enable Microsoft to mount an effective incident response at any time or scale, including widespread or concurrent events.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Hyper-V
• How shared infrastructure is kept separate: Traditional public cloud model, tenants separated by virtualization security or physical depending on services levels

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Microsoft has operated carbon neutral since 2012. By 2030, Microsoft will be carbon negative and by 2050, Microsoft will have removed from the environment all the carbon the company has emitted either directly or by electrical consumption since it was founded in 1975. By 2025, Microsoft datacenters will be supplied by 100 percent renewable energy. To accomplish this goal, Microsoft has implemented contracting tools such as proxy generation power purchase agreements for green energy to supply 100 percent of the carbon-emitting electricity consumed by all datacenter

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  NetApp's hardware and software solutions are designed to help customers achieve their sustainability goals, including reducing their carbon footprint and optimising data management to conserve energy and resources. To support the complete product lifecycle management, NetApp focuses on energy-efficient technologies such as deduplication, compression, and compaction that dramatically reduce product footprint, lowering overall energy costs. Similarly, using larger capacity media also reduces customers’ footprint and can significantly impact the energy required to run their data centre(s). ; ; Our packaging is made from 98% recycled/renewable materials and we use 80 Plus titanium power supplies for our hardware. Our e-waste and product take-back (free for all customers) programs (https://www.netapp.com/company/environmental-certifications/e-waste-management), adherence to environmental directives (https://www.netapp.com/company/environmental-certifications/), and the provision of sustainability tools like the NetApp Sustainability Dashboard (https://docs.netapp.com/us-en/active-iq/BlueXP_sustainability_dashboard_overview.html) and the Product Attribute to Impact Algorithm (PAIA) methodology to calculate product carbon footprint, all demonstrate our commitment to protecting our environment and fighting climate change. ; ; For more information about NetApp’s environmental, social, and governance (ESG) initiatives, refer to the following URL https://www.netapp.com/esg. Our 2023 ESG report can be downloaded at https://www.netapp.com/pdf.html?item=/media/79434-NetApp-esg-report.pdf. Our Social Impact efforts include offering employees up to five days paid time off each year to volunteer at approved non-profit organizations from a global database, many of which benefit the environment. Specifically in the UK this year, a team volunteered at a nature reserve to remove an invasive species and sow wildflowers. ; ; To summarize, our solutions adhere to circular economy principles that emphasize product durability, end-of-life management, recyclability, and environmental responsibility. For additional information on NetApp’s sustainability efforts, refer to the following URLs https://www.netapp.com/esg/sustainability/ and https://www.netapp.com/esg/sustainable-technology/.

  Covid-19 recovery

  2021 ESG NetApp’s response to the global pandemic began in January 2020, months before major steps were taken in much of the world launching Thrive Belonging. From matching COVID-related charitable donations to shifting rapidly to remote work, NetApp has taken a mix of steps to keep our teams and communities safe while also delivering products and services uninterrupted.; At the outset, we assembled a company-wide crisis management team to execute our Business Continuity Plan and prepare to mitigate the impact of COVID-19. We put in place measures requiring most of our global workforce to work from home.; Our leadership monitored and managed the situation to mitigate impact to sales, global supply chains, and support and services.; As pandemic risks recede, we’re shifting to a hybrid workplace, a mix of remote and onsite work that promises to deliver a productive balance of engagement and tailored flexibility for employees.; 2024 in a COVID-19 recovery world NetApp WX introduced Thrive Together, taking steps such as consultancy with an external organisation to take feedback on how we run an approach to being more present in the office by adjusting the office to meet a post COVID-19 world and taking feedback from internal stakeholders including employees and Employee Business Resource Groups.; While retaining hybrid working, all offices are suitable for social distancing and flexibility is available for those wishing to socially distance such as attending during off-peak times or attending meeting remotely.; In the UK a renovation has taken place to adapt our office to a post Covid-19 based of feedback after a return to the office. NetApp offices have washing and hygiene facilities suitable for all members of staff.; Office workspaces that individuals or groups can also work from flexible across the world booked via a service, including a weekly office day in London.

  Tackling economic inequality

  We believe that community engagement has the power to bring positive, measurable change to our communities. Through our social impact programs, NetApp empowers our people to care for our communities and harness the power of data/AI for good—investing in programs and partnerships that support economic equality and community vitality in the communities where we live and work around the world.; Our social impact initiatives fall into three categories: data/AI literacy, equity, and sustainability. While the demand for data/AI skills will only increase in the years ahead, students experience significant racial gaps when it comes to data literacy. Through our Data Explorers program, we help bridge those inequities and prepare students for the jobs of the future.; Our equity programs focus on expanding access to data/AI skills and careers for underrepresented groups, closing the racial and gender gaps in the data science field and creating career paths. Finally, we work to accelerate data/AI solutions to support environmental sustainability, recognizing the urgent need to address environmental risks—and the employment opportunities that will accompany these new solutions. In addition to these NetApp investments, we also support employee community engagement programs that empower employees to support the causes they are most passionate about—including organizations that tackle inequality and create career and economic opportunities for others. NetApp supports those efforts through paid volunteer time off, matching donations, grants tied to employee volunteering, and more.

  Equal opportunity

  NetApp’s work environment is based upon respect for the individual and their particular talents and qualities. We strive to recognize and optimize each employee’s unique differences and individual contributions to foster an environment where everyone has access to equal opportunity and can thrive in their role here at NetApp. NetApp is an equal opportunity employer and makes employment decisions on the basis of merit. We want to have the best available persons in every job. Our policy prohibits unlawful discrimination based on race, color, creed, sex, gender/transgender status, gender identity, gender expression, religion, marital status, age, citizenship status, national origin or ancestry, physical, physiological and mental health condition, medical condition including but not limited to AIDS/HIV, genetic characteristics, pregnancy, sexual orientation, veteran status, or any other consideration made unlawful by federal, state, or local laws. ; This policy includes the prohibition against discrimination against any individual who is perceived to have any of the protected characteristics or is associated with a person who has or is perceived as having any of those characteristics. All such discrimination is unlawful. NetApp adheres to legal requirements by offering reasonable adjustments for individuals with disabilities, enabling them to fulfil their job responsibilities, provided there is no undue hardship. An interactive effort is made to discover and mitigate obstacles, ensuring workplace success. Possible adjustments are identified in collaboration with the person to mitigate any limitations. When an accommodation is feasible and does not cause undue hardship, NetApp will implement it to support an accessible work environment. NetApp is committed to compliance with all applicable laws providing equal employment opportunities. This commitment applies to all persons involved in Company operations and prohibits unlawful discrimination by any NetApp employee.

  Wellbeing

  NetApp are committed to helping employees manage their health and wellbeing. One way we do this is by taking intentional breaks as a company to ensure we come back refreshed and healthy. We have a global Company shutdown at year end (between Christmas & New Year) and three global wellness days during the year to give employees space and time to focus on wellbeing. In addition to this we have a ‘No Meeting Friday’ once per month to allow for uninterrupted focused, productivity time to get work done or to take advantage of the many opportunities NetApp offers for continued career development and growth. We encourage employees not to hold internal meetings (Zoom/Teams, in-person or otherwise) on these days if possible and to use their best judgement for external-facing meetings on these days. NetApp also offers a variety of financial benefits to support financial wellbeing. Employees are eligible for income protection, life assurance and a contributory pension plan. ; ; In the UK, employees have the opportunity to avail of Eyecare tests, dental insurance, private medical insurance and a monthly contribution towards gym membership. Employees also have access to our Employee Assistance Program which supports all aspects of life – physical, financial, emotional and social – through our partnership with Workplace Options, employees can access a variety of resources and confidential support. A Health, Wellbeing & Community Impact team has been set up to creating a supportive environment where we come together to promote physical and mental wellness, foster connections and forge a sense of UK team spirit by connecting employees through health and wellbeing activities and certified ‘mental health first aid’ training.

Pricing

• Price: £0.12 to £0.50 a gigabyte a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at chris.roberts@netapp.com. Tell them what format you need. It will help if you say what assistive technology you use.