<img alt="" src="https://secure.hiss3lark.com/173130.png" style="display:none;">

Datashield's Resource Library

Read all of our news, articles, reviews, and more in our company blog

All Posts

What is Microsoft Application Gateway?

microsoft application gateway

Microsoft Application Gateways operates as a load balancer for your applications, enabling you to manage web traffic that goes through them. 

In contrast to traditional load balancers, which operate at the transport level and then route your traffic by using source IP address and port to deliver data to a destination IP and port, Application Gateway is using additional attributes such as URI (Uniform Resource Identifier) path and host headers. 

Classic load balances thus operate at OSI layer 4 - TCP and UDP, while Application Gateway operates at application layer OSI layer 7 for load balancing.

 

How Microsoft Application Gateway Works 

The core functionality of Microsoft Application Gateway, or Azure Application Gateway, is to balance your web traffic and enable you to manage traffic to your web applications. 

Below is a schematic diagram showing the operational workflow of the gateway. 

 

How Azure Application Gateway Operates 

Azure_Application_Gareway_Operation

Source: Microsoft

Basically, Application Gateway is an application delivery as a service controller that is highly scalable and available for multi-instance deployments. It supports centralized SSL (Secure Sockets Layer) offload and SSL policies cookie-based session affinity. 

The service-level agreement (SLA) guarantees 99.95 percent availability for a customizable layer 7 load-balancing solution with an integrated firewall. The platform works for public, private and hybrid websites and uses Azure APIs to connect anoperate.

 

Key Features of Application Gateway 

Application Gateway is a feature-rich solution for load balancing that can operate as an internet-facing gateway, an internal-only gateway, or mix of both concepts. It offers the following core features.

 

Web Application Firewall 

An integrated firewall protects against common web vulnerabilities as well as session hijacks, cross-site scripting breaches and SQL injections. You can create custom monitoring rules and bind rules into groups, which in turn enables you to limit false positives and tweak the firewall rules to meet your specific requirements.

 

End-to-End SSL and Secure Sockets Layer Offload 

Application Gateways supports encryption from front end to back end, which secures your data The Secure sockets layer offloading eliminates the need for decrypting the HTTPS traffic off client web servers. 

 

Cookie-based Session Affinity 

This feature helps a user to maintain the user session on similar back end. The tool deploys Gateway-managed cookies and then routes the traffic from the user session to the related back end, which in turn enables processing. It is a critical function when you have a session saved locally on back-end servers. 

 

Automatic Scaling 

An autoscaling feature enables the creation of web front instances with high availability Azure Application Gateway automatically scales instances depending on the amount of web traffic to your applications. 

 

Deep Azure Integrations 

Application Gateway integrates with a number of Azure services to offer multiple-region redirection, automatic failover and zero-downtime maintenance. The solution allows for instantly using services such as Azure Virtual Machines, the Web Apps feature of Azure App Service, Azure Monitor and Azure Security Center. 

Thus, you get a centralized monitoring alerting and an application health dashboard. You can also use the Key Vault, which tracks all of your SSL certificates and renews the automatically.

Other useful features of Microsoft Application Gateway include functions such as redirection of HTTP requests to an HTTPS listener and SSL policies and ciphers feature enabling you to restrict the supported cipher suites and SSL protocol versions. 

 

How Much Does Application Gateway Cost?

Microsoft offers its Application Gateway with different pricing tiers depending on the total usage time and the gateway type. 

As the solution is on offer as a SaaS platform, there are no upfront fees and no contract termination fees. The terms and conditions offer the standard clauses for a pay-as-you-go contract. 

Here is how a basic pricing plan would work for an organization operating from the Central U.S. region. 

 

Basic Pricing for Application Gateway 

Azure_Application_Gareway_PricingSource: Microsoft 

Therefore, the price of a small application gateway with no firewall service starts at about $18 a month for 730 hours of usage per month. 

The basic gateway price goes up to around $233 a month for 730 hours of operation when you opt for a large gateway type with a firewall. You should take into account that the firewall usage will cost an additional $327 a month, according to estimates. 

Multiple instances are being charged separately so calculate each instance. 

 

Conclusion 

To conclude, Microsoft Application Gateway is a scalable load-balancing controller offering high availability and integrations with different Azure services. 

Application Gateway users praise the ease of use of the solution in many online reviews while another advantage is that it is automatically updated and patched, as it is a SaaS product. Other noticeable benefits include the availability of plenty of customization options and the application of custom traffic rules and groups of traffic rules.

 

Datashield understands Microsoft security.

Contact us today for a no-cost consultation

Topics from this Article

Microsoft, Application Security, Firewall, Cyber Security

Datashield
Datashield
Official Datashield account for blog content, news, announcements and more. The articles authored include a collaboration between internal staff, specifically the security operations and marketing team.

Related Posts

What is Microsoft Azure Virtual Network?

Azure Virtual Network (VNet) is a platform enabling you to create and maintain private networks in the context of Azure cloud and services. VNet works in a similar fashion a network in a data center works while introducing added advantages such as scale, availability, and isolation. 

What is Microsoft Azure Traffic Manager?

Azure Traffic Manager is a DNS-based load balancer to manage user traffic distribution of service endpoints in different data centers. This tool can service any of the Azure global regions and secure an optimal level of availability and responsiveness for your services. 

What is Microsoft Azure ExpressRoute?

Microsoft Azure ExpressRoute is a connector that uses a connectivity provider to extend your on-premises networks into the Microsoft Azure and Microsoft 365 clouds over a private connection.