Use the correct service level and volume quota size for the expected performance level
Impact:MediumCategory:Scalability
APRL GUID:af426a99-62a6-6b4c-9662-42d220b413b8
Description:
Service levels, part of capacity pool attributes, determine the maximum throughput per volume quota in Azure NetApp Files. It combines read and write speed, offering three levels: Standard (16 MiB/s per 1TiB), Premium (64 MiB/s per 1TiB), and Ultra (128 MiB/s per 1TiB) throughput.
Click the Azure Resource Graph tab to view the query
//cannot-be-validated-with-arg
Use standard network features for production in Azure NetApp Files
Impact:HighCategory:Scalability
APRL GUID:ab984130-c57b-6c4a-8d04-6723b4e1bdb6
Description:
Standard network feature in Azure NetApp Files enhances IP limits and VNet capabilities, including network security groups, user-defined routes on subnets, and diverse connectivity options.
Use availability zones for high availability in Azure NetApp Files
Impact:HighCategory:High Availability
APRL GUID:47d100a5-7f85-5742-967a-67eb5081240a
Description:
Availability zones are distinct locations within an Azure region to withstand local failures. Deploy your workload in multiple availability zones and use application-based replication or Azure NetApp Files cross-zone replication to achieve high availability. Note that failover is a manual process.
Deploy ANF volumes in the same availability zone with Azure compute and other services
Impact:HighCategory:Other Best Practices
APRL GUID:8bb690e8-64d5-4838-8703-9ee3dbac688f
Description:
Azure NetApp Files' availability zone (AZ) volume placement feature lets you deploy volumes in the same AZ with Azure compute and other services to have within AZ latency and share the same AZ failure domain.
Potential Benefits:
Within AZ latency and tolerate failure of other AZ
Click the Azure Resource Graph tab to view the query
//cannot-be-validated-with-arg
Use snapshots for data protection in Azure NetApp Files
Impact:HighCategory:High Availability
APRL GUID:72827434-c773-4345-9493-34848ddf5803
Description:
Azure NetApp Files snapshot technology ensures stability, scalability, and swift data recoverability without affecting performance. It supports automatic snapshot creation via policies for Azure NetApp Files data.
Enable Cross-region replication of Azure NetApp Files volumes
Impact:HighCategory:Disaster Recovery
APRL GUID:e30317d2-c502-4dfe-a2d3-0a737cc79545
Description:
Azure NetApp Files replication offers data protection by allowing asynchronous cross-region volume replication for application failover in case of regional outages. Volumes can be replicated across regions, not concurrently with cross-zone replication. Note that failover is a manual process.
Enable Cross-zone replication of Azure NetApp Files volumes
Impact:HighCategory:Disaster Recovery
APRL GUID:e3d742e1-dacd-9b48-b6b1-510ec9f87c96
Description:
The cross-zone replication (CZR) feature enables asynchronous data replication between Azure NetApp Files volumes across different availability zones, ensuring data protection and critical application failover in case of zone-wide disasters. Note that failover is a manual process.
Potential Benefits:
Enhances disaster recovery across availability zones
Monitor Azure NetApp Files metrics to better understand usage pattern and performance
Impact:MediumCategory:Monitoring and Alerting
APRL GUID:2f579fc9-e599-0d44-8b97-254f50ae04d8
Description:
Azure NetApp Files offers metrics like allocated storage, actual usage, volume IOPS, and latency, enabling a better understanding of usage patterns and volume performance for NetApp accounts.
Click the Azure Resource Graph tab to view the query
//cannot-be-validated-with-arg
Enforce standards and assess compliance in Azure NetApp Files with Azure policy
Impact:MediumCategory:Governance
APRL GUID:687ae58f-517f-ca43-90fe-922497e61283
Description:
Azure NetApp Files supports Azure policy integration using either built-in policy definitions or by creating custom ones to maintain organizational standards and compliance.
Click the Azure Resource Graph tab to view the query
//cannot-be-validated-with-arg
Restrict default access to Azure NetApp Files volumes
Impact:MediumCategory:Security
APRL GUID:cfa2244b-5436-47de-8287-b217875d3b0a
Description:
Access to the delegated subnet should be limited to specific Azure Virtual Networks. SMB-enabled volumes' share permissions should move away from 'Everyone/Full control'. NFS-enabled volumes' access needs to be controlled via export policies and/or NFSv4.1 ACLs.
Click the Azure Resource Graph tab to view the query
//cannot-be-validated-with-arg
Make use of SMB continuous availability for supported applications
Impact:HighCategory:High Availability
APRL GUID:d1e7ccc3-e6c1-40e9-a36e-fd134711c808
Description:
Certain SMB applications need SMB Transparent Failover for maintenance without interrupting server connectivity. Azure NetApp Files provides this through SMB Continuous Availability for applications like Citrix App Layering, FSLogix user/profile containers, Microsoft SQL Server, MSIX app attach.
Click the Azure Resource Graph tab to view the query
//cannot-be-validated-with-arg
Ensure application resilience for service maintenance events
Impact:MediumCategory:High Availability
APRL GUID:60f36f9b-fac9-4160-bbf5-57af04da4f53
Description:
Azure NetApp Files might undergo occasional planned maintenance such as platform updates or service and software upgrades. It's important to be aware of the application's resiliency settings to cope with these storage service maintenance events.