Azure Blob Storage L100

Disk Storage Object Storage File Storage

Ultra Azure Files
Azure Blob Storage
Premium Azure NetApp Files
Azure Data Lake Storage
Standard
Reliable, persistent, high Secure, Scalable storage Lift and shift applications that
performing storage for for unstructured data require file shares
Virtual Machines to the cloud

Azure Storage

Data Transport Hybrid Storage

Azure Data Box Azure Stack Edge

Azure File Sync
Azure HPC Cache

Move or migrate Secure, intelligent data tiering

data into Azure between on-premises and cloud
Customers using Azure Storage for Data Workloads
Blob Storage | Overview
Foundational service for Azure
Azure’s Object Storage platform
Store and serve EB of unstructured data
Broad integration across Azure services
Durable & Choice of durability (LRS, ZRS, LRS, RA-GRS)
Available Built-in data integrity protection (e.g. bit rot)
Blob
Storage Secure & All data encrypted at rest
Compliant Flexible auth including RBAC and ACLs

Scalable & 50+ Gbps per account

Performant 50K+ TPS per account

Open & Any language, any integration

Interoperable Broad OSS and third party ecosystem

Manageable & Single, consistent REST API with rich metrics

Cost Efficient Integrated storage tiers on object level
 Blob Storage Pillars

Durable & Secure & Manageable & Scalable & Open &
Available Compliant Cost Efficient Performant Interoperable
 Built-in Replication Options

Typically >300mi Typically >300mi

Async Async
Zone 1 Zone 2 Zone 3
Primary Secondary Primary Secondary

LRS (11 9s) ZRS (12 9s) GRS (16 9s) RA-GRS (16 9s)
GZRS (16 9s) RA-GZRS (16 9s)
3 replicas, 1 region 3 replicas across 3 Zones 6 replicas, 2 regions (3/region)
Protect against disk, Protect against disk, node, rack and Protects against major GRS + Read access to
node, rack failures zone failures regional disasters secondary
Write is ack’d when all Synchronous writes to all 3 zones Asynchronous to secondary Separate secondary
replicas are committed Option of LRS or ZRS copy on endpoint
Available in 8 regions
Superior to dual-parity the primary, LRS on secondary RPO delay to secondary can
RAID be queried

https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy
Durability & Availability
Strong Consistency
3 replicas + erasure coding
Data Integrity
MD5 hash on ingress/egress
CRC checksum & “bit rot” protection
Disaster Recovery
Geo-redundant storage (GRS)
High Availability (HA)
99.9% availability SLA
99.99% for reads with RA-GRS
 Blob Storage Pillars

Durable & Secure & Manageable & Scalable & Open &
Available Compliant Cost Efficient Performant Interoperable
Access Control for Azure Storage
Azure AD identities
Authorize users and services from AAD, federated
enterprise directories
Leverage 2FA, Conditional Access, Identity
Protection
Build Apps with no secrets using Managed Identities
for Azure Resources

Role-based access control (RBAC)

Grant access to broad or narrow scopes
Use Privileged Identity Management for just-in-time
access
Delegated Authorization
SAS Tokens enable direct access by client apps
Supports least privilege principle
Removes the need to manage a data access layer
Mobile / IOT – Enable millions of untrusted clients
Web / Javascript – CORS + SAS enables website support

Request / Renew
SAS Token
Token Issuer

REST Request with

SAS token
Storage Services
Data Encryption
Encryption at Rest
All data is encrypted at rest using 256 bit AES encryption (FIPS 140-2 compliant)
Support for custom encryption keys

Encryption in Transit
Support for HTTPS, with option to turn off HTTP access

Client-side encryption
Support for client-side encryption is built into the SDK if needed

https://docs.microsoft.com/en-us/azure/storage/common/storage-service-encryption
 Blob Storage Pillars

Durable & Secure & Manageable & Scalable & Open &
Available Compliant Cost Efficient Performant Interoperable
Storing data cost-effectively in Azure
As low as $1 per TB per month

Premium Hot Cool Archive Choose between online

Cool tier and offline Archive tier
Low and consistent Frequently Less frequently Rarely
latency data accessed data accessed data accessed data
No more management or
migrations of storage hardware!
PER TB
PER MONTH $150.00 $18.40 $10.00 $1.00
Save even more with Reserved
capacity –
PER 10K READ
OPERATIONS $0.0014 $0.004 $0.01 $5.00 Up to 38% savings 100TB and
1PB pre-purchases for 1-3 years
RETRIEVAL Immediate (SSD) Immediate (HDD) Immediate (HDD) Hours
TIMES

USE CASE Interactive Cloud native Server backups Medical records archive
EXAMPLES Transactions application data
Telemetry
Partner solutions for Backup and Archive Data
Choose from a broad ecosystem of partners that integrate natively with Azure Blob Storage

Adopt a seamless data protection solution across Azure and on-premises workloads

Leverage cloud native ML services for eDiscovery, Compliance and Governance scenarios
 Blob Storage Pillars

Durable & Secure & Manageable & Scalable & Open &
Available Compliant Cost Efficient Performant Interoperable
 Azure Blob Storage Scalability
Designed for scale out from the ground up
In 10 seconds Azure Storage will:
Process >1.4 Billion transactions
Ingress & Egress >100 TB of data
Add >15M new objects

Capacity and performance “on tap”

Pay for what you need and grow into high scale
Provisioning new PBs, IOPS or throughput can be done in seconds to minutes

Scalability doesn’t depend on hardware generation

Scale is virtualized to software constructs
Azure worries about the details of balancing load and scale
No migrations for hardware replacement ever
 Blob Storage Pillars

Durable & Secure & Manageable & Scalable & Open &
Available Compliant Cost Efficient Performant Interoperable
Azure Data Lake Storage Gen2 (ADLS)
A “no-compromises” Data Lake: secure, performant, massively-scalable Data Lake storage that brings the cost and scale
profile of object storage together with the performance and analytics feature set of data lake storage
Blob API ADLS Gen2 API

Object Data Analytics Data

Server Backups, Archive Hadoop File System, File
Storage, Semi-structured and Folder Hierarchy,
Data Granular ACLS Atomic File
Transactions

Common Blob Storage Foundation

Object Tiering and Lifecycle AAD Integration, RBAC, HA/DR support through ZRS
Policy Management Storage Account Security and RA-GRS

GA: Multi protocol Access with Blob and ADLS Gen 2 API
Azure Data Lake Storage Gen2 architecture
Blob API Gen2
API

HIERARCHICAL FILE SYSTEM

Performance Scale and Cost

Security Data Governance
Enhancements Effectiveness

Blob Storage
Object Tiering and Lifecycle Policy AAD Integration, RBAC, Storage HA/DR support through ZRS and RA-
Management Account Security GRS
Analytics workloads on Azure Storage
Enterprise data platform
Starbucks built an integrated data platform on Azure
where data engineers and data scientists collaborate
to unlock value and business insights leveraging
advanced analytics capabilities
The resulting agility and innovation increased
revenue and operational efficiency with use cases like
marketing, forecasting, supply chain, loyalty,
personalization and fraud detection
AI and analytics workloads
Daimler leverages the global scale of Microsoft Azure
to run analytics and artificial intelligence workloads
and projects. With the platform ‘eXtollo’, Daimler is
realizing the full potential of data through the
analytics capabilities in Microsoft Azure
eXtollo works as a blueprint to Daimler’s internal
customers - so they can individualize their analytics
needs without harming overall security principles
Serverless Computing with Data as a trigger

Trigger/ Event Serverless

Event Router Runtime

Event Grid Functions Logic Apps

Blob Storage
Events
Migrating PBs of Data to Azure

Data Box Family Offline Media Import Services Network Ingest and Egress

Data Box enables Our partners provide Network based ingestion to Azure
offline data transfer fully managed services to import tapes, Storage is free of charge
to Azure when the optical drives, hard disks or film
network isn’t an option ExpressRoute provides a secure,
dedicated and high bandwidth link
Data Box (100 TB) for data ingestion into Azure Storage

Data Box Heavy (1 PB) Use ExpressRoute Direct Local for a

fixed port fee per month and no per
GB egress charges