Download the authoritative guide: Enterprise Data Storage 2018: Optimizing Your Storage Infrastructure
Background. Citrix acquired ShareFile for file collaboration and Podio for team collaboration. Both products expand GoToMeeting’s collaboration capabilities but operate independently of it. Pre-acquisition ShareFile served small businesses who needed file collaboration with deep security. As a start-up ShareFile could only stretch its resources so far; Citrix is spending significant resources to develop ShareFile and Podio for enterprise IT.
Technology. ShareFile is a hybrid solution using cloud storage repositories and also allows customers to store data on-premises. ShareFile administrates the web app, brokering and reporting functions through a Citrix-managed cloud. For customers opting to store data in the cloud, ShareFile stores files in Citrix-managed StorageZones located on Amazon S3 or in private, on-premise, customer-managed clouds called StorageZones. ShareFile does not require other Citrix products to work but integrates with them. Podio with its team collaboration interface is closely related as is Citrix XenMobile.
- Scalability. ShareFile offers SaaS, where new features are delivered to customers automatically without having to perform manual upgrades. It is easily configurable and scales with cloud storage or inside the user’s datacenter. High availability architecture requires that there are at least two Storage Center servers per customer-managed StorageZone, which uses a single file share throughout the zone. The reasoning behind the customer-managed StorageZone offering is three-fold: better performance by locating storage closer to users, geographic control over storage locations, and improved security for critical information by placing it behind the firewall.
- Security. When a user shares a file the client logs on to the Citrix control plane located on Citrix’ own cloud, which does user authentication and passes authorized users to the shared file cloud storage. The file transfer occurs directly between the client and the cloud storage where user data is stored. Permissions are folder-wide as opposed to individual documents. IT or users can add and save files to ShareFile folders and can set up folder permissions for viewing or editing. All data in Citrix-managed StorageZones is stored with AES 256-bit encryption and data in transit is SSL encrypted. In the event of a security breach remote wipe and poison pill options delete data residing on mobile devices. StorageZone Connectors allow users instant access to business files stored on existing corporate network shares and Microsoft SharePoint, which ordinarily cannot be accessed outside the corporate network or on mobile devices. This enables users to easily access data from existing data stores and enables administrators to retain the capabilities of their existing e-discovery/ legal hold tools.
- Control. Citrix ShareFile integrates with Active Directory through support for SAML solutions as well as integration with Citrix XenMobile, and offers a native account authentication as well. XenMobile includes AD-based user account provisioning. With the XenMobile integration, the ShareFile app can be MDX-enabled and made available on mobile devices. Apps interoperate with ShareFile to open, edit, sync and share data all within a secure container controlled by IT. MDX technology enables IT to containerize and standardize security and control policies across all mobile apps, including ShareFile apps. IT can also remotely encrypt the device, disable external applications, or lock it down with an auto-generated new password.
- Usability. Being able to view file metadata without sync and download is a big advantage for VDIs like XenDesktop. The virtual desktop interface would lag and crash if an entire set of documents was synced into a desktop every time a sharing user logged on. Using ShareFile, VDI users can view folder and file metadata without downloading them: files only download and sync upon editing. A Microsoft Outlook plugin provides popular support for Outlook users. Additional plugins replicate familiar interfaces with Windows Explorer and Mac Finder integrated views. A built-in content editor for mobile apps allows remote users to edit Microsoft office docs and annotate PDF files.
- Compliance. ShareFile supports governance by tracking file share activities and controls data retention by setting expiration points for files. Customer-managed StorageZones allow IT to place data within their datacenter to meet unique data sovereignty and compliance re-quirements. ShareFile complies with HIPAA Security Policies and Procedures, which in turn com-plies with U.S. HITECH security standard.
Background. Druva was founded in 2008 and released inSyncthat same year. Since then, Druva has built inSync into an integrated platform for endpoint data protection and governance with backup, file-sharing, data loss prevention (DLP), and data analytics. inSync’s deduplication technology is application-aware, efficiently deduplicating within and across files at the object level to save storage and bandwidth, as well as improve file-sharing performance across devices of collaborating users.
Technology. Druva inSync offers file collaboration as part of an integrated suite of endpoint backup (desktops, laptops, tablets, and smart phones), file-sharing, data loss prevention, and analytics. Suite tools include application-aware deduplication, WAN optimization, and a centralized management console that administrates a single set of user permissions and policies across the entire suite. Customers have a choice between their own on-premise infrastructure, a massive private cloud, Amazon AWS, or hybrid combinations of on-premise and cloud deployments. Druva is careful to state that while it offers a managed service with public cloud storage from Amazon a public cloud component is not required for their solution. This enables them to serve customer segments that will not store data on the public cloud.
- Scalability. Customers may choose from several highly scalable options. inSync Cloud is a SaaS offering that runs from Amazon AWS. IT can scale file-sharing and additional Druva inSync add-ons on demand. Customer internal infrastructure running inSync can grow up to 10,000 users on a single server. inSync’s HyperCache is a server-side in-memory cache that reduces disk I/O by up to 90% and maintains high performance in the deduping environment as the number of users scales. Druva also offers inSync Private Cloud as an on-premise architecture with a cloud master connecting to multiple distributed storage nodes.
- Security. inSync uses 256-bit SSL encryption for data in transit and 256-bit AES encryption for stored data. inSync uses two-factor encryption and provides unique encryption key management, along with strict authentication and access control for each customer. inSync uses Security Assertion Markup Language (SAML) for single sign on and integrates with MS AD. inSync’s file-sharing has an added layer of security with integrated DLP that allows admins to geo-track endpoints and remotely wipe synced and shared data on laptops and mobile devices.
- Control. inSync supports system-wide policies to give IT comprehensive control and visibility into file-sharing and collaboration as well as backup and data protection activities. The unified management console enables IT to manage policies, users, devices, and storage nodes. Security policies include permissions to share files within and outside the organization: setting link expirations, sharing of view-only links, ability to share on mobile devices, and more. Storage policies include retention of file versions and deletes, user quota, and more. Notification policies include end-user alerts and desktop notifications.
- Usability. The inSync user interface makes viewing and sharing files simple for end-users. Selective syncing allows users to either sync a shared folder to their devices or simply view the shared folder on inSync web. inSync’s embedded document viewer allows users to view shared files in-browser. IT will find the interface easy to manage as well, with preset profiles for the entire Druva set of services. inSync also provides mass deployment of the client application and automatic mass updates on all client devices.
- Compliance. inSync provides reporting across its product suite, giving IT insights into data usage trends. User and admin activity streams, including all file-sharing activities, allow enterprises to comply with regulations using inSync. Tamper-proof audit trails detail all administrator activities related to policies, users, devices and storage to help achieve compliance with industry regulations. inSync also provides real-time federated search capability, which searches for files across all endpoint devices in the enterprise and enables eDiscovery. Integrated analytics helps to enforce legal holds on user data and enables eDiscovery.
Differentiator. Druva’s integrated data protection technology differentiates its file-sharing solution from point products. Using a single solution for endpoint backup and file-sharing further saves businesses storage and bandwidth costs by reducing data duplication across the two. As an integrated platform that includes a well-defined file collaboration solution, Druva attracts IT departments who are frustrated with managing thousands of endpoints.