![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 18%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EV%3C/text%3E%3C/svg%3E)
Internet Information Services
Microsoft web server software.
1,583 questions
@Veera ,
Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
I understand that you are in the middle of migrating your OnPrem IIS servers to Azure.
I am not aware of the features provided by ARR+NLB layer, however, I can list the features available at Application Gateway and WAF.
App Gateway:
- Azure Application Gateway is a web traffic (OSI layer 7) load balancer that enables you to manage traffic to your web applications. More like a reverse proxy.
- You can add VMs in Azure to the backend pool of App gateway, this means you can add IIS Servers without an issue.
- See : Backend pools
App Gateway WAF:
- See : What is Azure Web Application Firewall on Azure Application Gateway
- WAF on Application Gateway is based on the Core Rule Set (CRS) from the Open Web Application Security Project (OWASP).
- Features : https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/ag-overview#features
- In addition to the above, it lets you create Custom rules and includes Bot protection rule set
- Please note that you should Tune your WAF according to your requirements/environment should you feel you are facing a large number of false positives.
- You may do it by
1.Creating exclusions
2.Creating custom WAF rules
3.or Disabling the Rule ID matched
Should you have any specific feature requirement, please do let us know and I shall confirm if it is available in WAF or not.
Hope this helps.
Thanks,
Kapil
