SAA-C03 Distractor Analysis: The Anti-Pattern Guide
Purpose: Stop falling for trap answers. This guide teaches you to instantly disqualify wrong options by recognizing Killer Constraints - the specific keywords and limits that rule out services.
🔴 COMPUTE DISTRACTORS
AWS Lambda
| Often Confused With | It is WRONG if the question says... | Killer Constraint |
|---|
| AWS Glue | "ETL jobs", "Petabyte-scale data", "Spark", "Data catalog" | Lambda max 15 min execution, 10 GB memory. Glue is for large-scale ETL with Spark. |
| AWS DMS | "Database migration", "Ongoing replication", "Schema conversion" | Lambda doesn't do database replication. DMS handles continuous data sync. |
| AWS Batch | "Long-running jobs", "HPC", "Rendering", "Genomics" | Lambda 15-min limit kills it. Batch runs containerized jobs for hours/days. |
| Step Functions | "Orchestrate", "Coordinate multiple services", "Workflow" | Lambda is a single function. Step Functions orchestrates multiple Lambdas. |
| Fargate | "Container", "Docker", "Persistent process", "Long-running service" | Lambda is event-driven, short-lived. Fargate runs always-on containers. |
Lambda Killer Keywords: "more than 15 minutes", "persistent connection", "always running", "petabyte", "terabyte processing", "websocket server"
Amazon EC2
| Often Confused With | It is WRONG if the question says... | Killer Constraint |
|---|
| Lambda | "No server management", "Pay per invocation", "Event-driven", "Serverless" | EC2 requires you to manage servers. Lambda is fully managed. |
| Fargate | "No infrastructure management", "Serverless containers" | EC2 requires managing instances. Fargate abstracts the infrastructure. |
| Lightsail | "Simple", "Predictable pricing", "Small website", "WordPress" | EC2 is complex. Lightsail is simplified VPS with bundled pricing. |
EC2 Killer Keywords: "serverless", "no patching required", "fully managed compute", "pay only when code runs"
AWS Fargate
| Often Confused With | It is WRONG if the question says... | Killer Constraint |
|---|
| EC2 | "GPU workloads", "Specific instance types", "Windows containers", "Spot pricing flexibility" | Fargate has limited instance customization. EC2 gives full control. |
| Lambda | "Sub-second billing", "No container management needed" | Fargate bills per-second (minimum 1 minute). Lambda bills per-ms. |
| EKS on EC2 | "Kubernetes node management", "DaemonSets required", "HostNetwork" | Fargate doesn't support all K8s features. Use EC2 nodes for full control. |
Fargate Killer Keywords: "GPU", "Windows containers (older)", "DaemonSet", "privileged containers", "specific AMI"
🔴 DATABASE DISTRACTORS
Amazon RDS
| Often Confused With | It is WRONG if the question says... | Killer Constraint |
|---|
| Aurora | "5x performance", "Global database", "Serverless auto-scaling", "Up to 128 TB" | Standard RDS maxes at 64 TB. Aurora is cloud-native with superior performance. |
| DynamoDB | "Millisecond latency at any scale", "NoSQL", "Key-value", "Serverless" | RDS is relational/SQL only. DynamoDB is NoSQL and serverless. |
| Redshift | "Data warehouse", "Petabyte analytics", "OLAP", "Columnar storage" | RDS is OLTP (transactions). Redshift is OLAP (analytics). |
| ElastiCache | "Microsecond latency", "In-memory", "Session storage" | RDS is persistent disk storage. ElastiCache is RAM-based caching. |
RDS Killer Keywords: "NoSQL", "key-value", "petabyte analytics", "in-memory cache", "serverless database scaling"
Amazon Aurora
| Often Confused With | It is WRONG if the question says... | Killer Constraint |
|---|
| Aurora Serverless | "Scales to zero", "Pay per ACU", "Intermittent workloads" | Provisioned Aurora doesn't scale to zero. Use Serverless v2 for auto-scaling. |
| RDS Multi-AZ | "Lower cost", "Oracle/SQL Server needed" | Aurora only supports MySQL/PostgreSQL. Use RDS for other engines. |
| DynamoDB Global Tables | "NoSQL", "Single-digit millisecond globally" | Aurora Global is relational. DynamoDB Global Tables is NoSQL multi-region. |
Aurora Killer Keywords: "Oracle", "SQL Server", "DB2", "MariaDB standalone", "scale to zero (use Serverless)"
Amazon DynamoDB
| Often Confused With | It is WRONG if the question says... | Killer Constraint |
|---|
| RDS/Aurora | "Complex joins", "ACID transactions across tables", "SQL queries", "Relational schema" | DynamoDB is NoSQL with limited transaction support. Complex joins need SQL. |
| DocumentDB | "MongoDB compatible", "MongoDB API" | DynamoDB is NOT MongoDB compatible. DocumentDB is. |
| Neptune | "Graph queries", "Relationships between entities", "Social network" | DynamoDB is key-value/document. Neptune is for graph relationships. |
| ElastiCache | "Caching layer needed" | Use DAX for DynamoDB caching, NOT ElastiCache. DAX requires no code changes. |
DynamoDB Killer Keywords: "complex joins", "ad-hoc SQL queries", "MongoDB driver", "graph database", "ACID across multiple tables"
Amazon ElastiCache
| Often Confused With | It is WRONG if the question says... | Killer Constraint |
|---|
| DAX | "DynamoDB caching" | DAX is ONLY for DynamoDB. ElastiCache is general-purpose caching. |
| Redis | "Multi-threaded", "Simplest caching" | Redis is single-threaded. Use Memcached for multi-threaded simple caching. |
| Memcached | "Data persistence", "Pub/Sub", "Complex data types", "Replication" | Memcached has NO persistence, NO replication. Redis does. |
ElastiCache Killer Keywords (for Redis vs Memcached):
Use Redis: "persistence", "replication", "sorted sets", "pub/sub", "Multi-AZ"
Use Memcached: "multi-threaded", "simple strings only", "no persistence needed"
🔴 STORAGE DISTRACTORS
Amazon S3
| Often Confused With | It is WRONG if the question says... | Killer Constraint |
|---|
| EBS | "Block storage", "Attach to EC2", "Boot volume", "Database storage" | S3 is object storage, not block. Can't mount S3 as a disk. |
| EFS | "POSIX file system", "Shared across instances", "NFS protocol" | S3 is object/API-based. EFS is NFS file system. |
| Glacier | "Archive", "Rarely accessed", "Retrieval in hours" | S3 Standard is for frequent access. Glacier is for archives. |
| FSx | "Windows file server", "Lustre HPC", "SMB protocol" | S3 doesn't support SMB/Windows shares. FSx does. |
S3 Killer Keywords: "mount as filesystem", "POSIX permissions", "block storage", "SMB protocol", "Windows NTFS"
Amazon EBS
| Often Confused With | It is WRONG if the question says... | Killer Constraint |
|---|
| EFS | "Shared across multiple instances", "NFS", "Linux file sharing" | EBS attaches to ONE instance (except Multi-Attach io1/io2). EFS is shared. |
| S3 | "Object storage", "Static website", "Unlimited storage" | EBS is block storage, limited to 64 TiB per volume. |
| Instance Store | "Ephemeral", "Highest IOPS", "Temporary data" | EBS is persistent. Instance store data is lost on stop/terminate. |
EBS Volume Selection:
gp3: Default, cost-effective SSD
io2: High IOPS, mission-critical databases
st1: Throughput (big data, streaming)
sc1: Lowest cost, infrequent access
EBS Killer Keywords: "shared filesystem", "multiple instances simultaneously" (unless "Multi-Attach io1/io2"), "unlimited capacity"
Amazon EFS
| Often Confused With | It is WRONG if the question says... | Killer Constraint |
|---|
| EBS | "Boot volume", "Single instance", "Windows" | EFS is NFS (Linux only). Can't boot from EFS. |
| FSx for Windows | "Windows", "SMB", "Active Directory", "NTFS" | EFS is Linux/NFS only. FSx for Windows supports SMB. |
| FSx for Lustre | "HPC", "Machine learning", "High throughput parallel" | EFS is general purpose. Lustre is for HPC workloads. |
| S3 | "Object storage", "Static hosting", "Versioning" | EFS is file storage with POSIX semantics, not object storage. |
EFS Killer Keywords: "Windows", "SMB", "NTFS", "high-performance computing", "boot volume"
Amazon FSx
| Often Confused With | It is WRONG if the question says... | Killer Constraint |
|---|
| FSx for Windows vs FSx for Lustre | "HPC", "ML training", "Sub-ms latency", "S3 integration" | Lustre for HPC. Windows for enterprise file shares. |
| EFS | "Windows file server", "Active Directory", "SMB" | EFS is NFS/Linux. FSx for Windows is SMB/Windows. |
| FSx for NetApp ONTAP | "Multi-protocol (NFS + SMB)", "SnapMirror", "NetApp features" | Use ONTAP for hybrid NetApp environments. |
| FSx for OpenZFS | "ZFS snapshots", "Data compression", "Linux + low latency" | Use OpenZFS for ZFS-based workloads. |
🔴 NETWORKING DISTRACTORS
AWS Global Accelerator
| Often Confused With | It is WRONG if the question says... | Killer Constraint |
|---|
| CloudFront | "Caching", "Static content", "Edge caching", "TTL" | Global Accelerator does NOT cache. It's for TCP/UDP acceleration. |
| Route 53 | "DNS routing", "Latency-based routing" | Route 53 is DNS. Global Accelerator uses Anycast IPs for network layer acceleration. |
Key Differentiator:
CloudFront: HTTP/HTTPS caching at edge
Global Accelerator: TCP/UDP acceleration, static Anycast IPs, no caching
Route 53: DNS-level routing decisions
Global Accelerator Killer Keywords: "caching", "CDN", "edge cache", "TTL", "origin shield"
Amazon CloudFront
| Often Confused With | It is WRONG if the question says... | Killer Constraint |
|---|
| Global Accelerator | "Non-HTTP protocols", "Gaming", "VoIP", "Static IPs", "TCP/UDP" | CloudFront is HTTP/HTTPS only. Global Accelerator handles TCP/UDP. |
| S3 Transfer Acceleration | "Upload acceleration to S3" | CloudFront is for delivery (download). Transfer Acceleration is for uploads. |
| Route 53 | "DNS failover", "Health checks only" | Route 53 is DNS. CloudFront is content delivery. |
CloudFront Killer Keywords: "TCP acceleration", "UDP", "gaming server", "static Anycast IP", "multicast"
NAT Gateway vs NAT Instance
| Scenario | Winner | Why Other is Wrong |
|---|
| "High availability", "Managed", "Bandwidth scaling" | NAT Gateway | NAT Instance requires manual HA setup, scaling. |
| "Port forwarding", "Bastion host", "Security groups on NAT" | NAT Instance | NAT Gateway doesn't support port forwarding or SGs. |
| "Cost-sensitive", "Low traffic" | NAT Instance | NAT Gateway has hourly + data charges. Instance can be t3.micro. |
| "45 Gbps bandwidth" | NAT Gateway | NAT Instance limited by instance type bandwidth. |
NAT Gateway Killer Keywords: "bastion", "port forwarding", "security groups on the NAT device", "jump host"
NAT Instance Killer Keywords: "managed", "highly available without setup", "45 Gbps"
VPC Peering vs Transit Gateway
| Scenario | Winner | Why Other is Wrong |
|---|
| "Simple connection between 2 VPCs" | VPC Peering | Transit Gateway is overkill for 2 VPCs, more expensive. |
| "Hub-and-spoke", "10+ VPCs", "Centralized routing" | Transit Gateway | VPC Peering doesn't scale well, no transitive routing. |
| "Transitive routing needed" | Transit Gateway | VPC Peering is NOT transitive. A↔B and B↔C doesn't give A↔C. |
| "Cross-region VPC connection" | Either | Both support cross-region, but TGW can use Inter-Region Peering. |
VPC Peering Killer Keywords: "transitive", "hub-and-spoke", "centralized", "100 VPCs"
Transit Gateway Killer Keywords: "just 2 VPCs", "simplest solution", "lowest cost"
AWS PrivateLink vs VPC Peering
| Scenario | Winner | Why Other is Wrong |
|---|
| "Expose service to thousands of VPCs" | PrivateLink | VPC Peering requires individual peering per VPC. |
| "SaaS provider exposing to customers" | PrivateLink | No IP overlap issues. Unidirectional. Scalable. |
| "Full bidirectional VPC access" | VPC Peering | PrivateLink is unidirectional (consumer → provider). |
| "Access specific service, not entire VPC" | PrivateLink | VPC Peering exposes entire VPC CIDR. |
PrivateLink Killer Keywords: "bidirectional access", "full VPC connectivity", "transitive routing"
VPC Peering Killer Keywords: "expose service only", "SaaS to multiple customers", "overlapping CIDRs"
AWS Direct Connect vs Site-to-Site VPN
| Scenario | Winner | Why Other is Wrong |
|---|
| "Quick setup", "Over the internet", "Encrypted" | Site-to-Site VPN | Direct Connect takes weeks/months to provision. |
| "Consistent latency", "High bandwidth", "1-100 Gbps" | Direct Connect | VPN goes over public internet, variable latency. |
| "Backup for Direct Connect" | Site-to-Site VPN | Use VPN as failover when DX fails. |
| "Cost-sensitive, low bandwidth needs" | Site-to-Site VPN | DX has monthly port fees. VPN is pay-per-use. |
Direct Connect Killer Keywords: "quick setup", "temporary connection", "encrypted by default" (DX is not encrypted by default)
VPN Killer Keywords: "consistent latency", "100 Gbps", "private connection", "not over internet"
🔴 MESSAGING & STREAMING DISTRACTORS
Amazon SQS
| Often Confused With | It is WRONG if the question says... | Killer Constraint |
|---|
| SNS | "Fan-out", "Push to multiple subscribers", "Pub/Sub" | SQS is point-to-point queue. SNS is pub/sub to multiple endpoints. |
| Kinesis | "Real-time streaming", "Ordered data", "Replay/Reprocess" | SQS messages are deleted after processing. Kinesis allows replay. |
| EventBridge | "Event routing", "Filtering", "SaaS integration" | SQS has no content-based filtering. EventBridge has rich event patterns. |
| MQ | "JMS", "AMQP", "Migrate from RabbitMQ/ActiveMQ" | SQS is proprietary API. MQ is for protocol compatibility. |
SQS Killer Keywords: "fan-out to multiple consumers", "real-time analytics", "replay messages", "JMS protocol"
Amazon SNS
| Often Confused With | It is WRONG if the question says... | Killer Constraint |
|---|
| SQS | "Queue", "Decoupling", "Retry logic", "Dead-letter queue" | SNS is push-based, fire-and-forget. SQS provides queue durability. |
| EventBridge | "Event patterns", "Content filtering", "SaaS events" | SNS has basic filtering. EventBridge has advanced pattern matching. |
| SES | "Email marketing", "Bulk email", "Email deliverability" | SNS sends simple notifications. SES is full email platform. |
SNS Killer Keywords: "queue messages", "process later", "guaranteed delivery with retries", "transactional email"
Kinesis Data Streams vs Kinesis Data Firehose
| Scenario | Winner | Why Other is Wrong |
|---|
| "Real-time processing", "Custom consumers", "Replay data" | Data Streams | Firehose is near real-time (60+ sec buffer), no replay. |
| "Deliver to S3/Redshift/OpenSearch", "No code", "Managed" | Firehose | Data Streams requires custom consumer code. |
| "Sub-second latency required" | Data Streams | Firehose has minimum 60-second buffer. |
| "Transform data in transit" | Firehose (with Lambda) | Firehose has built-in Lambda transformation support. |
| "Manage shard capacity" | Data Streams (or use On-Demand) | Firehose auto-scales, no shard management. |
Data Streams Killer Keywords: "no consumer code", "direct to S3", "fully managed delivery" (use Firehose)
Firehose Killer Keywords: "sub-second latency", "replay data", "multiple custom consumers", "KCL"
Amazon EventBridge vs SNS
| Scenario | Winner | Why Other is Wrong |
|---|
| "Content-based filtering", "Event patterns" | EventBridge | SNS has limited filtering. EventBridge matches JSON patterns. |
| "SaaS integration (Zendesk, Datadog, etc.)" | EventBridge | SNS doesn't have native SaaS connectors. |
| "Simple fan-out to Lambda/SQS/HTTP" | SNS | SNS is simpler and cheaper for basic pub/sub. |
| "Schedule-based events (cron)" | EventBridge | SNS cannot schedule events. EventBridge has Scheduler. |
🔴 MIGRATION DISTRACTORS
AWS DMS (Database Migration Service)
| Often Confused With | It is WRONG if the question says... | Killer Constraint |
|---|
| SCT (Schema Conversion Tool) | "Convert Oracle stored procedures", "Schema transformation" | DMS migrates data. SCT converts schemas between different engines. |
| DataSync | "File migration", "NFS/SMB to S3" | DMS is databases only. DataSync is for file systems. |
| AWS Glue | "ETL transformation", "Data catalog" | DMS is replication. Glue is ETL with transformations. |
| Snowball | "Offline data transfer", "Petabytes" | DMS is online/network-based. Snowball is physical device. |
DMS Killer Keywords: "file server migration", "NFS", "SMB", "offline transfer", "schema conversion" (use SCT)
AWS DataSync
| Often Confused With | It is WRONG if the question says... | Killer Constraint |
|---|
| Storage Gateway | "Ongoing hybrid access", "Local cache" | DataSync is for migration/sync. Storage Gateway is hybrid storage. |
| Transfer Family | "SFTP server", "Partner file transfers" | DataSync is agent-based. Transfer Family is managed SFTP/FTP. |
| S3 Replication | "S3 to S3 replication" | DataSync is on-prem to cloud. S3 Replication is cloud-to-cloud. |
| Snowball | "No network bandwidth", "Offline" | DataSync needs network. Snowball is physical shipment. |
DataSync Killer Keywords: "SFTP endpoint", "S3 to S3", "physical device", "offline transfer"
AWS Snow Family
| Device | Use Case | Killer Constraint |
|---|
| Snowcone | 8-14 TB, edge compute, IoT | Too small for petabyte migrations. |
| Snowball Edge Storage | 80 TB, data transfer | No compute. Use Compute Optimized for EC2. |
| Snowball Edge Compute | Edge compute + storage | More expensive if only data transfer needed. |
| Snowmobile | 100 PB, exabyte-scale | Overkill for anything under 10 PB. |
Snow Family Killer Keywords:
Use Snowcone: "small", "drone", "IoT", "8 TB"
Use Snowball: "tens of terabytes", "no compute needed"
Use Snowmobile: "exabyte", "data center migration"
DON'T use Snow: "real-time", "continuous sync", "fast network available"
🔴 SECURITY DISTRACTORS
AWS WAF vs AWS Shield
| Scenario | Winner | Why Other is Wrong |
|---|
| "SQL injection", "XSS", "Layer 7 attacks", "IP blocking" | WAF | Shield is DDoS only. WAF handles application-layer attacks. |
| "DDoS protection", "Volumetric attacks", "SYN floods" | Shield | WAF doesn't protect against infrastructure-layer DDoS. |
| "Rate limiting" | WAF | WAF has rate-based rules. Shield doesn't do rate limiting. |
| "Always-on DDoS protection" | Shield Standard (free) | Shield Standard is automatic on all AWS resources. |
| "24/7 DDoS Response Team" | Shield Advanced | Only Advanced includes DRT access and cost protection. |
WAF Killer Keywords: "DDoS", "volumetric", "layer 3/4 attack", "network flood"
Shield Killer Keywords: "SQL injection", "XSS", "bot protection", "application firewall"
AWS KMS vs CloudHSM
| Scenario | Winner | Why Other is Wrong |
|---|
| "Managed encryption keys", "AWS integrated" | KMS | CloudHSM requires you to manage HSM cluster. |
| "FIPS 140-2 Level 3", "Regulatory compliance", "Single-tenant" | CloudHSM | KMS is FIPS 140-2 Level 2. CloudHSM is Level 3. |
| "SSL/TLS offloading", "Oracle TDE" | CloudHSM | Some apps require direct HSM access that KMS doesn't provide. |
KMS Killer Keywords: "FIPS 140-2 Level 3", "single-tenant HSM", "custom key store full control"
CloudHSM Killer Keywords: "fully managed", "no HSM management", "pay per API call"
Secrets Manager vs Systems Manager Parameter Store
| Scenario | Winner | Why Other is Wrong |
|---|
| "Automatic rotation for RDS" | Secrets Manager | Parameter Store has no built-in rotation. |
| "Simple configuration values", "Non-secrets" | Parameter Store | Cheaper, free tier, hierarchical. Overkill for non-secrets. |
| "Cross-account secret sharing" | Secrets Manager | Native support for cross-account access. |
| "Free tier needed" | Parameter Store | Secrets Manager costs $0.40/secret/month. |
Secrets Manager Killer Keywords: "free", "configuration parameters", "non-sensitive data"
Parameter Store Killer Keywords: "automatic rotation", "RDS password rotation", "$0 cost not priority"
Amazon Cognito vs IAM
| Scenario | Winner | Why Other is Wrong |
|---|
| "Web/mobile app users", "Social login", "Self-registration" | Cognito | IAM is for AWS service access, not external users. |
| "Service-to-service auth", "AWS API access" | IAM | Cognito is for human identity, not machine-to-machine. |
| "Federated SAML to AWS Console" | IAM Identity Center (SSO) | Cognito is for apps, not AWS Console federation. |
Cognito Killer Keywords: "AWS Console access", "service role", "EC2 instance role"
IAM Killer Keywords: "mobile app", "customer login", "social identity provider"
🔴 ANALYTICS DISTRACTORS
Amazon Athena vs Redshift
| Scenario | Winner | Why Other is Wrong |
|---|
| "Ad-hoc queries on S3", "Serverless", "Pay per query" | Athena | Redshift requires cluster provisioning. |
| "Complex joins", "Data warehouse", "Petabyte analytics" | Redshift | Athena is for quick queries, not optimized warehousing. |
| "Structured data in S3" | Either | Athena for ad-hoc; Redshift Spectrum for DW integration. |
| "Dashboards and BI" | Redshift + QuickSight | Athena is query engine, not BI. |
Athena Killer Keywords: "data warehouse", "cluster", "always-on analytics", "sub-second dashboard"
Redshift Killer Keywords: "serverless queries", "no infrastructure", "pay only when querying"
AWS Glue vs Lambda
| Scenario | Winner | Why Other is Wrong |
|---|
| "Large-scale ETL", "Apache Spark", "PB-scale" | Glue | Lambda max 15 min, 10 GB. Can't handle big data. |
| "Small file transformations", "Event-driven" | Lambda | Glue has startup time. Lambda is faster for small jobs. |
| "Data catalog / Metastore" | Glue | Glue Data Catalog is Hive-compatible. Lambda has no catalog. |
Amazon EMR vs AWS Batch
| Scenario | Winner | Why Other is Wrong |
|---|
| "Hadoop", "Spark", "Hive", "Presto" | EMR | Batch doesn't run big data frameworks. |
| "Docker containers", "Any workload" | Batch | EMR is specifically for big data frameworks. |
| "Job scheduling/dependencies" | Either | Batch is simpler for generic jobs. EMR for big data. |
🎯 QUICK REFERENCE: KILLER KEYWORD CHEAT SHEET
| If Question Says... | Eliminate These | Choose Instead |
|---|
| "Serverless" | EC2, RDS (provisioned), EMR (managed) | Lambda, Fargate, Aurora Serverless, DynamoDB |
| "Petabyte" | Lambda, single RDS instance | Redshift, EMR, Glue, S3 |
| "Sub-second latency" | Glacier, Firehose, S3 IA | ElastiCache, DynamoDB, DAX |
| "Real-time streaming" | SQS, Firehose (if <60s needed) | Kinesis Data Streams |
| "Replay / Reprocess" | SQS, Firehose | Kinesis Data Streams |
| "Fan-out to multiple" | SQS (without SNS) | SNS, EventBridge |
| "Windows" | EFS | FSx for Windows |
| "HPC / ML training" | EFS, S3 | FSx for Lustre |
| "POSIX file system" | S3 | EFS, FSx |
| "Static Anycast IP" | CloudFront | Global Accelerator |
| "Caching at edge" | Global Accelerator | CloudFront |
| "MongoDB compatible" | DynamoDB | DocumentDB |
| "Graph database" | DynamoDB, RDS | Neptune |
| "Complex SQL joins" | DynamoDB | RDS, Aurora, Redshift |
| "15 minutes+" | Lambda | Fargate, Batch, Step Functions |
| "Automatic rotation" | Parameter Store | Secrets Manager |
| "FIPS 140-2 Level 3" | KMS | CloudHSM |
| "DDoS protection" | WAF alone | Shield (+ WAF for L7) |
| "SQL injection" | Shield alone | WAF |
| "Transitive routing" | VPC Peering | Transit Gateway |
| "Offline transfer" | DataSync, DMS | Snow Family |
| "Quick hybrid setup" | Direct Connect | Site-to-Site VPN |