Microsoft Application Gateways operates as a load balancer for your applications, enabling you to manage web traffic that goes through them.
In contrast to traditional load balancers, which operate at the transport level and then route your traffic by using source IP address and port to deliver data to a destination IP and port, Application Gateway is using additional attributes such as URI (Uniform Resource Identifier) path and host headers.
Classic load balances thus operate at OSI layer 4 - TCP and UDP, while Application Gateway operates at application layer OSI layer 7 for load balancing.
How Microsoft Application Gateway Works
The core functionality of Microsoft Application Gateway, or Azure Application Gateway, is to balance your web traffic and enable you to manage traffic to your web applications.
Below is a schematic diagram showing the operational workflow of the gateway.
How Azure Application Gateway Operates
Basically, Application Gateway is an application delivery as a service controller that is highly scalable and available for multi-instance deployments. It supports centralized SSL (Secure Sockets Layer) offload and SSL policies cookie-based session affinity.
The service-level agreement (SLA) guarantees 99.95 percent availability for a customizable layer 7 load-balancing solution with an integrated firewall. The platform works for public, private and hybrid websites and uses Azure APIs to connect and operate.
Key Features of Application Gateway
Application Gateway is a feature-rich solution for load balancing that can operate as an internet-facing gateway, an internal-only gateway, or a mix of both concepts. It offers the following core features.
Web Application Firewall
An integrated firewall protects against common web vulnerabilities as well as session hijacks, cross-site scripting breaches and SQL injections. You can create custom monitoring rules and bind rules into groups, which in turn enables you to limit false positives and tweak the firewall rules to meet your specific requirements.
End-to-End SSL and Secure Sockets Layer Offload
Application Gateways supports encryption from front end to back end, which secures your data The Secure sockets layer offloading eliminates the need for decrypting the HTTPS traffic off client web servers.
Cookie-based Session Affinity
This feature helps a user to maintain the user session on a similar back end. The tool deploys Gateway-managed cookies and then routes the traffic from the user session to the related back end, which in turn enables processing. It is a critical function when you have a session saved locally on back-end servers.
An autoscaling feature enables the creation of web front instances with high availability Azure Application Gateway automatically scales instances depending on the amount of web traffic to your applications.
Deep Azure Integrations
Application Gateway integrates with a number of Azure services to offer multiple-region redirection, automatic failover and zero-downtime maintenance. The solution allows for instantly using services such as Azure Virtual Machines, the Web Apps feature of Azure App Service, Azure Monitor and Azure Security Center.
Thus, you get a centralized monitoring alerting and an application health dashboard. You can also use the Key Vault, which tracks all of your SSL certificates and renews the automatically.
Other useful features of Microsoft Application Gateway include functions such as redirection of HTTP requests to an HTTPS listener and SSL policies and ciphers feature enabling you to restrict the supported cipher suites and SSL protocol versions.
How Much Does Application Gateway Cost?
Microsoft offers its Application Gateway with different pricing tiers depending on the total usage time and the gateway type.
As the solution is on offer as a SaaS platform, there are no upfront fees and no contract termination fees. The terms and conditions offer the standard clauses for a pay-as-you-go contract.
Here is how a basic pricing plan would work for an organization operating from the Central U.S. region.
Basic Pricing for Application Gateway
Therefore, the price of a small application gateway with no firewall service starts at about $18 a month for 730 hours of usage per month.
The basic gateway price goes up to around $233 a month for 730 hours of operation when you opt for a large gateway type with a firewall. You should take into account that the firewall usage will cost an additional $327 a month, according to estimates.
Multiple instances are being charged separately so calculate each instance.
To conclude, Microsoft Application Gateway is a scalable load-balancing controller offering high availability and integrations with different Azure services.
Application Gateway users praise the ease of use of the solution in many online reviews while another advantage is that it is automatically updated and patched, as it is a SaaS product. Other noticeable benefits include the availability of plenty of customization options and the application of custom traffic rules and groups of traffic rules.