Az104 — Application Gateway

· Application Gateway manages the requests that client applications can send to a web app.

· Application Gateway routes traffic to a pool of web servers based on the URL of a request.

· This is known as application layer routing

· Clients send requests to your web apps to the IP address or DNS name of the gateway.

· The gateway routes requests to a selected web server in the back-end pool, using a set of rules configured for the gateway to determine where the request should go.

· There are two primary methods of routing traffic, path-based routing and multiple site hosting.

· Path-based routing enables you to send requests with different paths in the URL to a different pool of back-end servers.

· For example, you could direct requests with the path /video/* to a back-end pool containing servers that are optimized to handle video streaming, and direct /images/* requests to a pool of servers that handle image retrieval.

· Multiple site hosting enables you to configure more than one web application on the same application gateway instance.

· In a multi-site configuration, you register multiple DNS names (CNAMEs) for the IP address of the Application Gateway, specifying the name of each site.

· Client requests are received through a front-end IP address.

· You can configure Application Gateway to have a public IP address, a private IP address, or both.

· Application Gateway can’t have more than one public and one private IP address.

· Application Gateway uses one or more listeners to receive incoming requests.

· A listener accepts traffic arriving on a specified combination of protocol, port, host, and IP address.

· A routing rule also has an associated set of HTTP settings.

· These settings indicate whether (and how) traffic is encrypted between Application Gateway and the back-end servers, and other configuration information such as:

  • Protocol (HTTP or HTTPS).
  • Session stickiness, to pass all requests in a client session to the same web server rather than distributing them across servers with load balancing.
  • Connection draining, to enable the graceful removal of servers from a back-end pool.
  • Request timeout period, in seconds.
  • Health probes, specifying a probe URL, time out periods, and other parameters used to determine whether a server in the back-end pool is available.

· The Web Application Firewall (WAF) is an optional component that handles incoming requests before they reach a listener.

· The web application firewall checks each request for many common threats, based on the Open Web Application Security Project (OWASP).

· These include:

  • SQL-injection
  • Cross-site scripting
  • Command injection
  • HTTP request smuggling
  • HTTP response splitting
  • Remote file inclusion
  • Bots, crawlers, and scanners
  • HTTP protocol violations and anomalies

· Application Gateway requires a virtual network in which to operate.

· You must create this virtual network and a dedicated subnet before setting up Application Gateway.

· You can create an Application Gateway on the Standard tier or the WAF tier.

· You also have a choice of three sizes with varying performance, pricing, and scalability: Small, Medium, and Large.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Setumo Raphela

Setumo Raphela


Entrepreneur | Data Scientist | AI | Jet Skier | Author |Oracle