Forum Discussion
ZK400
Mar 07, 2024Copper Contributor
On premise nfs and smb shares
Hi,
User is migrating from an on premise MDM to Intune.
Now with Intune and on premise nfs / smb file shares, what gateway product / proxy do we use for accessing these shares securely? Migration will happen in time but need a stop gap.
Azure AD App Proxy is primarily for web apps and such like. Thanks
- No OneDrive does not support smb/nfs. There not many clients left. Most of the enterprise file share apps use some kind of complete solution like Acronis (http://acronis.nts.com.vn/mobility/files-advanced/indexe047.html?trial= ) or Docs@Work (needs Ivanti MDM components). Microsoft does not offer anything themselves.
Here you can find some pointers for Android: https://www.androidauthority.com/file-manager-explorer-apps-android-279800/
For iOS GoodReader is strong option: https://www.goodreader.com
Other suggestions for iOS: https://www.reddit.com/r/apple/comments/4h94ej/ios_smb_client_recommendations/
- SebastiaanSmitsSteel Contributor
App Proxy is indeed only web so of no use. You can use VPN solutions. Microsoft own product Microsoft Tunnel Gateway is Microsoft's own VPN solution, you can install the Gateway (Linux server) in Azure with a site2site to on-premises or install the Gateway in the DMZ. Downside is, for now, only available on iOS and Android. See here: microsoft-tunnel-prerequisites
Other third party VPN solutions can be used ofcourse, I seen a lot like GlobalProtect, F5 etc. see more info: https://learn.microsoft.com/en-us/mem/intune/configuration/vpn-settings-configure
The new solution, now in preview, is Microsoft SSE Private Access. This solution is build around Conditional Access and has lot of functionalities, see here: https://learn.microsoft.com/en-us/entra/architecture/sse-deployment-guide-intro The Private Access part is Microsoft's replacement of VPN solutions and it uses the App Proxy mechanism of installing connectors on-premises to offer on-premises apps, can be any type like smb, ssh etc. even UDP support is in place. See here: https://learn.microsoft.com/en-us/entra/architecture/sse-deployment-guide-private-access and here: https://learn.microsoft.com/en-us/entra/global-secure-access/concept-private-access
You can also host your server in Azure and make them available or use other site2site solutions to get to your servers. See here: https://learn.microsoft.com/en-us/azure/storage/files/storage-files-configure-p2s-vpn-windows?tabs=azure-portal
------
Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.
If the post was useful in other ways, please consider giving it Like.
- ZK400Copper Contributor
Many Thanks. And on the device / app side for iOS and Android - presumably OneDrive app supports smb / nfs config?
- SebastiaanSmitsSteel ContributorNo OneDrive does not support smb/nfs. There not many clients left. Most of the enterprise file share apps use some kind of complete solution like Acronis (http://acronis.nts.com.vn/mobility/files-advanced/indexe047.html?trial= ) or Docs@Work (needs Ivanti MDM components). Microsoft does not offer anything themselves.
Here you can find some pointers for Android: https://www.androidauthority.com/file-manager-explorer-apps-android-279800/
For iOS GoodReader is strong option: https://www.goodreader.com
Other suggestions for iOS: https://www.reddit.com/r/apple/comments/4h94ej/ios_smb_client_recommendations/