What is Azure Application Gateway?
Azure Application Gateway is a Layer-7 load balancer specifically designed for web applications. The service intelligently distributes incoming HTTP/HTTPS traffic to backend servers while providing advanced features like Web Application Firewall (WAF), SSL termination, and URL-based routing.
Unlike traditional network load balancers, Application Gateway operates at the application layer and can make decisions based on HTTP headers, cookies, or URL paths.
Core Features
- Layer-7 load balancing with URL-based and path-based routing
- Integrated Web Application Firewall (WAF) using OWASP Core Rule Set
- SSL/TLS termination and end-to-end encryption
- Autoscaling based on traffic patterns
- Session affinity (cookie-based session persistence)
- WebSocket and HTTP/2 support
Typical Use Cases
Multi-tier web applications: Distribute traffic to different backend pools based on URL paths. For example, API requests can be routed to one pool while static content goes to another.
Security-critical applications: The integrated WAF automatically blocks attacks like SQL injection and cross-site scripting without additional appliances.
Microservices architectures: URL-based routing enables distribution of requests to different microservices under a single domain.
Benefits
- Simplified architecture by combining load balancer and WAF
- Automatic scaling without manual capacity planning
- Native integration with Azure services like App Service and AKS
- Centralized SSL certificate management reduces complexity
Frequently Asked Questions
What is the difference between Application Gateway and Azure Load Balancer?
Azure Load Balancer operates at Layer 4 (TCP/UDP) and distributes traffic based on IP and port. Application Gateway operates at Layer 7 (HTTP/HTTPS) and can make routing decisions based on URLs, headers, and cookies. For web applications, Application Gateway is usually the better choice.
Which WAF rules are supported?
Application Gateway WAF supports OWASP Core Rule Set 3.2 and provides protection against the OWASP Top 10 threats. Additionally, custom rules can be created to cover specific requirements.
How does autoscaling work?
Application Gateway v2 automatically scales based on traffic metrics. The number of instances is adjusted within minutes. For cost optimization, minimum and maximum instance counts can be configured.
Can I host multiple websites on one Application Gateway?
Yes, multi-site hosting enables hosting multiple websites on a single Application Gateway instance. Each website can have different backend pools and settings.
Integration with innFactory
As a Microsoft Solutions Partner, innFactory supports you with Azure Application Gateway: architecture design, WAF configuration, performance optimization, and cost management.
