Quick – what’s the first thing that pops in your head when you think cloud file sharing? Most likely it was one of the two big hitters: Dropbox or Box. Inevitably, whenever I mention enterprise collaboration and file sharing with someone, one of these two products come up. A little more rarely I’ll hear someone bring up Project Octopus, or as it is now formally known, VMware Horizon Suite.
However, the spin on these products greatly depends on which side of the information technology aisle you sit. Those in charge of governance, security, and control are often plagued with having to deal with these solutions in their corporate network, with the choices either being to be the “bad guy” and block them, or try to rule the data bits. The average user, however, seems to enjoy the ad-hoc, domain free aspect of these various products, although the “peer to peer” nature of having to share out your files to everyone you stumble along can get quite annoying. It’s a safe bet that most enterprise environments, like it or not, are teaming with users that consume black market IT via one of these solutions.
The “peer to peer” model, where users invite others to share, presents challenges
This is where Nasuni’s CEO and Founder, Andres Rodriguez, feels he and his team can make a difference. Recently, the company has announced a new additional offering to their portfolio in the form of Nasuni Mobile Access (you can read the press release here). Being a veteran of Tech Field Day 8, in which Nasuni held a product demo that was very well received by the delegates, I decided it would be of value to dig deeper into what this release really meant, especially after reading
this section of a quote from Andres that struck a chord:
Mobile access needs to be an extension to the existing storage and security infrastructure. It should be a feature of the infrastructure rather than another application IT has to manage.
Fortunately for me, the Nasuni team never disappoints, and were more than glad to let me pop the hood on their latest new feature to share with you.
The Nasuni Formula
First off, for those new to the product, it is essentially a very secure method to provide file access to an enterprise with multiple sites. Each site hosts a Nasuni storage controller, which encrypts data with your own private key prior to being sent to the Nasuni cloud, so that the data is completely gibberish to anyone outside of your firewall. Replication is seamless, and access to files is accomplished using a single, global name space, as demonstrated below.
Because of this architecture, Nasuni already offers a Dropbox-like experience for an enterprise shop. Files are saved to your normal mapped drives or mount points, which are then replicated to wherever else they need to go. For them, this is the “easy part”, and is the base line configuration that offers value in protecting your files across a global framework.
The Secret Sauce
During a product briefing with the Nasuni team, I quickly realized that the value add begins to shine in how Nasuni is NOT like Dropbox. This essentially comes down to three different pieces:
- Leverage Existing Access Controls: Files are controlled by corporate IT using the existing access control methods including user accounts, file / folder share permissions, and device control.
- Single User Account: Your identity is your Active Directory account, not a third party (additional) system. In essence, a single sign on (SSO) for corporate files.
- End-to-End Security: No data ever leaves the data center without being encrypted, and the key is controlled by IT. Nasuni does not have the ability to read your data.
The security features are a big win for many enterprise organizations with compliance obligations
Instead of an ad-hoc, disparate domain system, where users invite one another to share files, you instead leverage existing shares and access control lists (ACLs) to manage file access. This lack of a fork-lift operation saves a lot of re-work and operational expenses, along with giving the user an experience that mirrors being at the office.
The mobile offering is an extension of this capability, in that corporate IT can literally check a box in the Nasuni administrative window to allow particular shares, users, or devices to access files. As you might expect, it also grants you the authority to block these same entities, and wipe any externally cached data on a device if it is compromised.
This is how easy it is to enable mobile access for a file share
ROBO Value Add
Outside of the mobile access announcement, I also caught up on the advancements that Nasuni has made since we last spoke, over a year ago. One thing that caught my ear was the ability to share out storage on the Nasuni storage controller via NFS and iSCSI, which makes it a viable datastore target for running VMs. In a remote / branch office scenario, you could put in a small number of servers running VMware, add a Nasuni appliance, plumb it into the network, and call it a day. This seems like a perfect way to deploy the handful of VM servers necessary: a domain controller, print servers, application servers, and so on.
Depending on your deployment size, Nasuni offers a pair of hardware controllers in the NF-200 and NF-400. They seem very competitively priced and are under a support contract directly with Nasuni. When a drive failure occurs (which is reasonably common with any spinning disk platform) they call in for a replacement and work with you to get it installed.
Tethering people to a clunky VPN or forcing them to play e-mail ping pong with files makes remaining agile and collaborative difficult. The ability to offer mobile access to employees is fast becoming the normal routine for business. It seems that Nasuni has taken the approach of “delight the user” and baked in all the features that a mobile user would need to remain highly functional when out and about.
I’d love to get a comment from those who have used the Nasuni solution, or plan to, especially if you’re on track to use the mobile access feature. Of course, all feedback is welcome.