Azure File Sync: Setup and Use Cases

Azure File Sync bridges on-premises file servers and Azure Files, enabling businesses to centralise file storage while maintaining local server performance. It syncs data securely over HTTPS and uses cloud tiering to optimise storage costs by keeping frequently accessed files local and moving less-used files to the cloud. The service supports disaster recovery, simplifies data management across multiple locations, and integrates with Microsoft tools like Active Directory and Windows Server.

Key Highlights:

• Hybrid Storage: Combines local caching with cloud storage to reduce costs and improve access speed.
• Disaster Recovery: Quick server provisioning and data recovery minimise downtime.
• Integration: Works with Windows Server, DFS Namespaces, and more.
• Scalability: Sync up to 30 Azure file shares per server, with recommended limits for optimal performance.
• Setup: Requires a Windows Server (2012 R2 or later), Azure Storage Account, and the Azure File Sync Agent.

Azure File Sync is ideal for SMBs looking for efficient file sharing, robust recovery options, and reduced on-premises storage needs. The setup involves creating a Storage Sync Service, configuring sync groups, and installing the sync agent, ensuring seamless hybrid storage management.

Prerequisites and Planning

System and Network Requirements

Before diving into Azure File Sync, make sure your infrastructure ticks all the necessary boxes:

You’ll need a Windows Server - either physical or virtual - with at least one CPU and 2 GiB of RAM. The server must have a locally attached NTFS volume since Azure File Sync doesn’t work with ReFS, FAT, or FAT32 file systems.

Here’s a breakdown of supported Windows Server versions:

Your network setup must allow the Azure File Sync agent to communicate with Azure services over HTTPS on port 443. It’s important to note that the service relies solely on Microsoft routing - no internet routing is supported. For businesses with existing infrastructure, Windows Server Failover Clustering is compatible with the "File Server for general use" deployment option when clustered disks are used.

Data Deduplication integrates smoothly with Azure File Sync across all supported Windows Server versions, whether or not cloud tiering is enabled. Additionally, the service works alongside DFS Namespaces (DFS-N), though Azure File Sync is generally preferred over DFS-R for replication use cases.

Make sure your Windows Servers are running the latest updates via Windows Update and that all servers registered with the Storage Sync Service are domain-joined. Before you begin, run the Azure File Sync evaluation cmdlet to check for any potential issues with your file system or data.

With these requirements met, you’re ready to set up the necessary storage resources.

Creating Azure Storage Accounts and File Shares

The first step is creating an Azure Storage Account to host your file shares.

When setting up your storage account, think carefully about performance and redundancy needs. Azure offers several options tailored to different use cases:

For most small and medium-sized businesses in the UK, Standard_LRS (Locally Redundant Storage) is a cost-effective option that keeps data within a single data centre. If you need extra protection, Standard_GRS (Geo-Redundant Storage) replicates your data to a secondary region. Premium storage options are best for workloads requiring high IOPS or low latency.

You can create storage accounts and file shares via the Azure portal, PowerShell, or Azure CLI. When setting up file shares, define the name and quota for standard tiers, or the provisioned size for premium tiers. If you anticipate significant data growth, enable large file shares.

Make sure your Azure file share resides in the same Azure region as your Storage Sync Service. For UK businesses, this often means selecting either the UK South (London) or UK West regions to optimise performance and comply with data residency requirements.

Planning for Security and Connectivity

With your storage account and file shares ready, the next step is to fine-tune your network security and connectivity settings.

Here’s how to plan your network and data protection:

• For businesses managing sensitive data, secure connection methods like private endpoints are a must. These allow secure connections from on-premises networks via VPN or ExpressRoute.
• Configure firewall rules to permit outbound access to Azure services using service tags such as StorageSyncService, Storage, AzureResourceManager, and AzureActiveDirectory.
• To enhance security, use the Set-StorageSyncProxyConfiguration PowerShell cmdlet to route Azure File Sync traffic through a designated proxy server while maintaining broader internet restrictions.

Run the Test-StorageSyncNetworkConnectivity command to ensure that Azure File Sync can communicate with its endpoints and troubleshoot any issues early.

Encryption for data in transit is activated by default, but it’s worth reviewing the supported encryption algorithms to confirm compatibility with your organisation’s systems. For added security, restrict SMB protocol settings to the most secure options, though this may affect older clients.

If you’re using private endpoints, make sure your DNS is configured correctly to resolve fully qualified domain names. Additionally, when setting up firewall rules, keep your regional pairing in mind for disaster recovery and business continuity planning. This ensures your traffic can route effectively during failover situations.

Azure File Sync fully explained - on-prem files to Azure

Step-by-Step Setup Guide

To get started with Azure File Sync, there are three main steps: setting up the Storage Sync Service, configuring sync groups and endpoints, and installing the Azure File Sync agent on your Windows servers.

Creating a Storage Sync Service

The Storage Sync Service acts as the central hub for synchronising data between your on-premises servers and Azure file shares.

1. Open the Azure portal and select Create a resource.
2. Search for "Azure File Sync" in the marketplace and click Create to access the deployment settings.
3. Fill in the required details:
   • Name: Choose a unique name for the service within your selected region. For instance, a Manchester-based company might use "ManufacturingCorp-FileSyncUK" for easy identification.
   • Subscription: Select the subscription you want to use.
   • Resource group: Either pick an existing resource group or create one specifically for organising your file sync resources.
   • Location: Pick a region that aligns with your users' needs. For UK-based businesses, UK South or UK West are common choices for performance and data residency compliance.
4. Click Create to deploy the service. This process usually takes a few minutes.

Take a moment to review access permissions to ensure proper control over sync initiation. Keep in mind that each server can only be registered to one Storage Sync Service, and servers tied to different services cannot sync with one another. Plan your deployment accordingly.

Once the Storage Sync Service is ready, you can move on to setting up sync groups and endpoints.

Setting Up Sync Groups and Endpoints

A sync group links an Azure file share with one or more server endpoints, enabling synchronisation.

1. Navigate to your Storage Sync Service in the Azure portal.
2. From the left-hand menu, select Sync group, then click Add sync group.
3. Provide a descriptive name for your sync group, such as "Finance-Documents" or "Engineering-Projects".
4. For the cloud endpoint, choose the Azure file share you created earlier.
5. Confirm that your Windows servers are registered.
6. When configuring the server endpoint, pay attention to cloud tiering settings. Enabling cloud tiering ensures frequently accessed files remain local, while less-used files are moved to Azure to optimise local storage.
7. Decide on the initial sync mode for the first synchronisation:
   • Merge: Combines local and cloud files.
   • Download namespace first: Focuses on prioritising cloud content.
   • Upload: Pushes local files to Azure before pulling cloud files.
8. If you’re managing multiple file shares, plan your sync groups carefully. Microsoft suggests keeping the number of items per sync group below 20–30 million for the best performance.

Installing and Configuring the Azure File Sync Agent

The Azure File Sync agent is the software that allows your Windows servers to communicate with Azure file shares. It includes three components: the sync service (FileSyncSvc.exe), a file system filter (StorageSync.sys), and PowerShell cmdlets for management.

1. Download the latest agent from the Microsoft Download Centre. The installer (MSI package) supports Windows Server versions from 2012 R2 to 2025.
2. Before installing, ensure your server meets these requirements:
   • PowerShell 5.1 or 6+
   • .NET Framework 4.7.2 (if using PowerShell 5.1)
   • The latest Windows Updates
   • Temporarily disable Internet Explorer Enhanced Security Configuration during the initial registration.
3. Run the MSI package as an administrator, accept the licence terms, and proceed with the default installation settings.
4. If using Windows Server Failover Clustering, install the agent on all nodes to maintain continuous synchronisation.
5. After installation, the Server Registration UI should open automatically. If it doesn’t, you can launch it manually from C:\Program Files\Azure\StorageSyncAgent\ServerRegistration.exe.
6. During registration:
   • Select your Azure environment (typically Azure Public Cloud for UK users).
   • Sign in with credentials that have the necessary permissions.
   • Choose your subscription, resource group, and the Storage Sync Service you created earlier.
   • Ensure the administrator performing the registration has Contributor or Owner permissions on the Storage Sync Service.
7. Once registration is complete, the server will appear in the list of registered servers under the Storage Sync Service. You can then set up server endpoints to point to specific folders on the server.

The agent automatically monitors changes on the server endpoints and initiates synchronisation with Azure. If cloud tiering is enabled, it also shifts less-used files to Azure storage, freeing up local space while ensuring users can still access all their files seamlessly.

Once these steps are complete, you’re ready to start applying your configuration to meet specific SMB file-sharing needs.

Common Use Cases for SMBs

Azure File Sync is a powerful tool for small and medium-sized businesses (SMBs) that face challenges with data management and storage costs across multiple locations. By exploring its practical applications, you can decide if it aligns with your business requirements. Below are some ways SMBs are putting Azure File Sync to work.

Hybrid Storage with Cloud Tiering

Cloud tiering is a game-changer for cutting storage expenses while maintaining quick local access to important files. This feature automatically moves less-used files to Azure, keeping frequently accessed documents on local servers for immediate availability.

When done right, cloud tiering can lower on-premises storage costs by as much as 70%. Since the Azure Files Hot tier is pricier than the Azure Blob Cool tier, it’s worth planning your tiering strategy carefully.

Take the example of a global manufacturing company with 10 branch offices spread across three continents. They centralised their data in Azure’s East US region and set up each branch with a Windows Server endpoint using cloud tiering. Critical files were kept locally for instant access, while older, less-used data was tiered to Azure. This setup cut local storage needs by 60% and sped up file access through intelligent caching.

Before enabling cloud tiering, it’s crucial to analyse your file access patterns. Start with conservative settings and adjust based on real-world usage. Using dedicated volumes for synced folders can also simplify backups and avoid conflicts with system files.

Branch Office File Sharing

For SMBs with multiple locations, Azure File Sync changes the way teams collaborate. Instead of juggling separate file servers that often fall out of sync, you can centralise all your company data in Azure. Each branch can then synchronise only the files it needs, combining quick local access with centralised management.

As seen in the hybrid storage example, branch offices enjoy fast access to essential files while benefiting from centralised control over permissions, policies, and data governance. To ensure strong security, use NTFS permissions along with Azure Role-Based Access Control (RBAC). Setting up automated monitoring and alerts can also help you quickly address any synchronisation issues.

Disaster Recovery and Data Migration

Azure File Sync’s architecture offers robust disaster recovery options that go beyond traditional server backups. The cloud endpoint always holds a full copy of your data, while the on-premises server acts as a local cache.

For high availability, you can configure a failover cluster or set up a standby server. In a standby setup, multiple server endpoints sync with the same group as the primary server. The standby server stays offline until it’s needed, and in case of a failure, DFS-N can swiftly redirect users to the standby system.

To protect your data, use Azure Backup for cloud backups and enable soft delete to safeguard snapshots from accidental removal. For redundancy, consider Zone-Redundant Storage (ZRS) for a balance of cost and protection, or go for Geo-Redundant Storage (GRS) or Geo-Zone-Redundant Storage (GZRS) for added resilience.

When migrating data, many businesses move from Network Attached Storage (NAS) systems to Azure File Sync. Since Azure File Sync works with Direct Attached Storage (DAS) and doesn’t support syncing directly from NAS, you’ll need to first transfer your SMB file shares from NAS to a Windows Server. Tools like RoboCopy are highly effective for this process.

Always maintain detailed records of server registrations, sync group settings, tiering configurations, and access controls. These records are invaluable for disaster recovery and compliance audits, ensuring your business continuity plans are well-supported.

Tips and Best Practices

To get the most out of Azure File Sync, it's important to focus on fine-tuning performance, managing costs effectively, and following operational best practices. These practical tips will help you optimise your setup while keeping expenses in check.

Cost Management Strategies

Select the Right Access Tier for Your Needs

Azure file shares offer three different access tiers, each suited to specific usage patterns. The transaction optimised tier is best for workloads with high transaction volumes, such as initial migrations, as it has the lowest transaction costs but higher storage prices. The hot tier strikes a balance with lower storage costs but slightly higher transaction fees. Meanwhile, the cool tier is designed for data that’s rarely accessed, offering the lowest storage costs but the highest transaction rates.

Take Advantage of Azure Files Reservations

If you can predict your storage needs, consider pre-committing to a reservation. This can reduce your storage costs by up to 36% over three years. It's a smart choice for production environments with steady and predictable storage demands, offering significant savings compared to pay-as-you-go pricing.

Keep an Eye on Usage Patterns

Regular monitoring of your storage usage is essential to avoid unnecessary costs. Look out for unexpected spikes in capacity, which could be caused by things like excessive log files or soft-deleted data building up. Setting alerts for storage thresholds can help you identify and address these issues early.

Set Soft Delete Retention Periods Carefully

While soft delete provides an extra layer of data protection, it continues to incur storage costs during the retention period. Choose a retention period that balances protection with cost efficiency. For many small and medium-sized businesses, a retention window of 7–14 days is sufficient.

Avoid Overprovisioning Premium File Shares

Premium file shares operate on a provisioned model, meaning you pay upfront for a specific capacity, IOPS, and throughput. To avoid unnecessary expenses, monitor your actual usage and leave a reasonable buffer for growth. A headroom of two to three times your current usage is often adequate to ensure performance without overspending.

Managing costs while maintaining system performance is a balancing act. The strategies above can help you stay efficient and avoid unnecessary expenses.

Performance Best Practices

Cost management is important, but performance optimisation is equally vital for a smooth and reliable Azure File Sync experience.

Optimise Your Server Hardware

Your server’s hardware plays a big role in sync performance. Use fast storage drives like SSDs or NVMe, ensure enough RAM is available, and rely on multi-core CPUs for better processing power. Disable Windows indexing on sync folders and exclude the sync path from antivirus scans to avoid disruptions during sync operations.

Improve Network Connectivity

Network quality directly affects sync speeds. For reliable performance, consider using Azure ExpressRoute or a VPN. Implement Quality of Service (QoS) policies to prioritise sync traffic, and schedule large sync operations during off-peak hours to reduce bandwidth strain.

Keep File and Folder Structures Simple

Complex folder hierarchies and a large number of files can slow down sync operations. Since Azure File Sync processes files individually, the performance depends on how many files and directories it handles per second. Plan your sync groups carefully to avoid overloading any single group.

Fine-Tune Cloud Tiering Policies

Adjust cloud tiering settings to align with your performance and cost goals. Define a minimum file age before tiering and set volume free space thresholds. Frequently accessed folders should be pinned locally to ensure quick access. Keep in mind that changes made through the Azure portal or SMB shares aren’t detected immediately, as Azure File Sync relies on scheduled change detection jobs.

Use Dedicated Volumes for Sync Endpoints

Isolating sync endpoints on their own volumes simplifies backups and reduces the risk of conflicts with system files. This setup also makes it easier to monitor sync-specific performance metrics and troubleshoot any issues that arise.

Further Resources and Expert Insights

For those looking to expand their knowledge of Azure File Sync, the Azure Optimization Tips, Costs & Best Practices guide provides detailed advice on advanced cost-saving strategies, best practices for cloud architecture, and tips for fine-tuning performance - all tailored for businesses scaling their operations on Microsoft Azure.

Conclusion

Azure File Sync offers a modern solution for file storage while keeping compatibility with Windows file servers intact. By centralising file shares in Azure Files and maintaining local server performance, it tackles many of the storage challenges faced by small and medium-sized businesses (SMBs).

Setting it up is simple. Creating a Storage Sync Service, configuring sync groups, and installing the Azure File Sync agent provide a strong foundation for hybrid storage that grows with your business. With the capability to sync up to 30 Azure file shares from a single Windows Server instance, businesses gain a lot of flexibility in how they deploy and manage their storage. This straightforward setup supports the key advantages discussed earlier.

Features like automatic synchronisation and cloud tiering make managing files easier and reduce the need for extensive local storage. Built-in redundancy and seamless migration tools ensure that transitioning to the cloud doesn’t disrupt daily operations.

It’s worth noting that Azure File Sync performs best when file shares have fewer than 20–30 million items, even though it has been tested to handle up to 100 million. For larger organisations with strict data separation needs, setting up dedicated Storage Sync Services for individual business units can help maintain governance and security standards.

FAQs

How does Azure File Sync keep your data secure during synchronisation?

Azure File Sync safeguards your data during synchronisation with a combination of encryption in transit (using TLS) and encryption at rest through Azure Storage encryption. To bolster security further, it incorporates role-based access control (RBAC), enabling precise permission management. Additionally, it uses network security features like virtual networks and firewalls to block unauthorised access.

These layers of protection ensure your data stays secure, whether it’s being transferred or stored, providing confidence in managing hybrid storage environments.

How can I optimise cloud tiering in Azure File Sync to manage costs and maintain performance?

Optimising Cloud Tiering in Azure File Sync

To make the most of cloud tiering in Azure File Sync, it's essential to configure tiering policies that suit your needs. Focus on keeping frequently accessed files stored locally, ensuring quick access, while moving less-used files to the cloud. At the same time, make sure your policies allow for enough free space on local volumes to prevent performance hiccups.

For data that's rarely accessed and intended for long-term storage, the archive tier is a great option. It can help you cut costs significantly. Keep an eye on your usage patterns and tweak your tiering settings regularly to maintain the right balance between cost savings and system performance. This way, your storage setup stays efficient and budget-friendly.

How can businesses use Azure File Sync with on-premises systems like Windows Server Failover Clustering?

To connect Azure File Sync with on-premises systems like Windows Server Failover Clustering, you’ll need to install the Azure File Sync agent on every cluster node. Additionally, each server in the cluster must be registered with Azure File Sync to ensure smooth synchronisation and failover functionality.

Azure File Sync works with the 'File Server for general use' deployment option, offering seamless integration and high availability for clustered file shares. This configuration keeps your data synchronised across your hybrid setup, enhancing reliability and efficiency for critical business tasks.

Related posts

• Azure Backup Options for Small Businesses
• How to Optimise Azure AD Connect Performance
• Azure Site Recovery Costs: Breakdown
• Ultimate Guide to Azure Collaboration for SMBs