Azure Application Gateway

Azure Application Gateway Overview

Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. It provides features such as load balancing, web application firewall (WAF), and SSL termination.

What is Application Gateway?

Application Gateway is a Layer 7 load balancer. It uses the Domain Name System (DNS) name of the app gateway to direct specific traffic on the virtual IP address to back-end pools. The application gateway and its resources are a new type of deployment in your virtual network. The gateway can be standalone or deployed in a virtual network that also contains the virtual machines that host your back-end applications.

Key Benefits

  • High Availability: Distributes traffic across multiple instances of your application to ensure continuous availability.
  • Scalability: Automatically scales up or down based on traffic demand.
  • Web Application Firewall (WAF): Protects your web applications from common web exploits and vulnerabilities such as SQL injection, cross-site scripting, and more.
  • SSL Termination: Offloads SSL decryption from your web servers, simplifying management and improving performance.
  • Cookie-based session affinity: Directs traffic from a specific user to the same back-end server.
  • URL Path-based routing: Routes traffic to different back-end pools based on the request URL.
  • Host-based routing: Routes traffic to different back-end pools based on the host name in the request.
  • Redirection: Redirects HTTP traffic to HTTPS.
  • Rewrite HTTP headers: Allows you to modify HTTP requests and responses.

When to Use Application Gateway?

Application Gateway is ideal for scenarios where you need:

  • To load balance HTTP and HTTPS traffic.
  • To perform Layer 7 load balancing.
  • To provide a Web Application Firewall (WAF) for your applications.
  • To handle SSL termination.
  • To route traffic based on URL paths or host names.
  • To redirect HTTP traffic to HTTPS.

Note: Application Gateway operates at the application layer (Layer 7) and is designed for HTTP/HTTPS traffic. For Layer 4 (TCP/UDP) load balancing, consider Azure Load Balancer.

Components

Application Gateway consists of several components:

  • Frontend IP configuration: A public or private IP address that the gateway listens on.
  • Listeners: Check for incoming requests based on IP address, port, protocol, and host.
  • Rules: Route traffic to a specific back-end pool based on listener and path-based or host-based routing settings.
  • HTTP settings: Configure the back-end pool connection, including protocol, port, and cookie-based affinity.
  • Back-end pools: A set of virtual machines or services that will receive traffic from the application gateway.
  • Health probes: Monitor the health of back-end instances.

Tip: You can deploy Application Gateway with a fixed size or autoscaling. Autoscaling adjusts the throughput based on traffic load.
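
The listener, rule and redirection components above can be checked together: every HTTP listener should be bound to a rule that redirects to HTTPS rather than forwarding to a back-end pool. The following is an added example, not code from the original page or from Microsoft. It assumes the flattened JSON field names shown in the sample, covers basic rules only (not path-based ones), and all ids, host names and rule names are constructed.

```python
import json

# Constructed sample: a trimmed gateway configuration (all names are made up).
# Assumption: field names follow the flattened JSON shape shown here.
SAMPLE = json.loads("""
{
  "httpListeners": [
    {"id": "L/http-shop", "protocol": "Http", "hostName": "shop.example.com"},
    {"id": "L/https-shop", "protocol": "Https", "hostName": "shop.example.com"},
    {"id": "L/http-admin", "protocol": "Http", "hostName": "admin.example.com"}
  ],
  "redirectConfigurations": [
    {"id": "R/to-https-shop", "targetListener": {"id": "L/https-shop"}}
  ],
  "requestRoutingRules": [
    {"name": "shop-redirect", "httpListener": {"id": "L/http-shop"},
     "redirectConfiguration": {"id": "R/to-https-shop"}},
    {"name": "shop-tls", "httpListener": {"id": "L/https-shop"},
     "backendAddressPool": {"id": "P/shop"}},
    {"name": "admin-plain", "httpListener": {"id": "L/http-admin"},
     "backendAddressPool": {"id": "P/admin"}}
  ]
}
""")

def audit_http_listeners(gw):
    """Return (listener id, problem) for rules on HTTP listeners that do not redirect to HTTPS."""
    listeners = {l["id"]: l for l in gw.get("httpListeners", [])}
    redirects = {r["id"]: r for r in gw.get("redirectConfigurations", [])}
    findings = []
    for rule in gw.get("requestRoutingRules", []):
        lid = (rule.get("httpListener") or {}).get("id")
        if listeners.get(lid, {}).get("protocol", "").lower() != "http":
            continue  # only plain-HTTP listeners are of interest
        ref = (rule.get("redirectConfiguration") or {}).get("id")
        if ref is None:
            findings.append((lid, f"rule {rule['name']} forwards plain HTTP"))
            continue
        redir = redirects.get(ref, {})
        target = (redir.get("targetListener") or {}).get("id")
        to_https = (listeners.get(target, {}).get("protocol", "").lower() == "https"
                    or (redir.get("targetUrl") or "").lower().startswith("https://"))
        if not to_https:
            findings.append((lid, f"rule {rule['name']} redirects to a non-HTTPS target"))
    return findings

if __name__ == "__main__":
    for listener_id, problem in audit_http_listeners(SAMPLE):
        print(listener_id, "->", problem)
```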
