Application Gateway Overview

Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. It provides routing, load balancing, and security features for your applications, allowing you to reliably scale your applications and provide high availability.

What is Application Gateway?

Application Gateway is a Layer 7 (HTTP/HTTPS) load balancer that routes client requests to backend pools based on configured rules. It supports various routing capabilities such as round robin, least connections, and session affinity. It also offers features like SSL/TLS termination, end-to-end SSL encryption, Web Application Firewall (WAF), cookie-based session affinity, URL-based content routing, and host-based routing.

Web Application Firewall (WAF)

Provides centralized protection for your web applications from common exploits and vulnerabilities.

Load Balancing

Distributes incoming traffic across multiple backend servers for improved performance and availability.

SSL/TLS Termination

Offloads SSL/TLS decryption from your web servers, simplifying certificate management and improving performance.

Advanced Routing

Supports URL-path-based routing, host-based routing, and HTTP header-based routing for flexible traffic management.

Health Probes

Continuously monitors the health of backend instances, automatically removing unhealthy instances from service.

End-to-end SSL Encryption

Ensures that traffic is encrypted all the way from the client to the backend server.

Key Benefits

High Availability: Distributes traffic and can handle failures gracefully.
Scalability: Automatically scales based on traffic load.
Security: Protects your applications with WAF and SSL/TLS capabilities.
Performance: Optimizes traffic flow and offloads SSL/TLS processing.
Flexibility: Offers advanced routing rules to suit complex application architectures.

Use Cases

Application Gateway is ideal for a variety of scenarios, including:

Load balancing traffic to a group of web servers (e.g., in a virtual machine scale set).
Providing a single point of access for multiple applications running on different backend servers.
Implementing Web Application Firewall (WAF) to protect against common web attacks like SQL injection and cross-site scripting.
Enabling SSL/TLS offloading for better performance and simplified certificate management.
Creating a secure gateway for microservices architectures.

Note: Application Gateway operates at Layer 7 (HTTP/HTTPS) and is designed for HTTP/HTTPS traffic. For Layer 4 (TCP/UDP) load balancing, consider using Azure Load Balancer.

Getting Started

You can create and configure an Application Gateway through the Azure portal, Azure CLI, or PowerShell. Refer to the How-to Guides for detailed instructions on common tasks.

Explore the Concepts section to understand the core components and functionalities of Application Gateway.