Application Gateway VS Azure Front Door

Emmanuel Gaid 41 Reputation points
2024-09-30T08:34:31.23+00:00

Hi, I’m trying to understand when to use Azure Front Door versus Application Gateway. We’re serving different types of applications, some built with SPA or the MEAN stack, and most of the time, global reach is required. Additionally, we have VMs hosting enterprise applications and consist of terrabytes of data which also hosted on a VM as well. While they seem to serve similar purposes, I believe each service has its own best use case. Could you explain the differences, focusing on the technical aspects?

Azure Load Balancer
Azure Load Balancer
An Azure service that delivers high availability and network performance to applications.
441 questions
{count} votes

Accepted answer
  1. Ganesh Patapati 735 Reputation points Microsoft Vendor
    2024-09-30T18:31:39.0966667+00:00

    Hi Emmanuel Gaid,

    Greetings,

    Welcome to Microsoft's Q&A platform! Thank you for asking this inquiry.

    Here is the ref blog that points the differences in WAF features/offerings in AFD, APPGW and CDN.

    Here are some differences based on their actions:

    • Front Door can perform path-based load balancing only at the global level but if one wants to load balance traffic even further within their virtual network (VNET) then they should use Application Gateway.
    • Front Door doesn't work at a VM/container level, so it cannot do Connection Draining. However, Application Gateway allows you to do Connection Draining.
    • Front Door and Application Gateway both support session affinity. While Front Door can direct subsequent traffic from a user session to the same cluster or backend in a given region, Application Gateway can direct affinitize the traffic to the same server within the cluster.
    • For Load balancers and Application gateway, Health probes are used to check the backend health and take the servers out of rotation when they are unhealthy. However, in AFD, heath probes are not only used for tracking the health of the backend and taking the unhealthy servers out of rotation but also to route the traffic to the server based on latency, priority and weights.

    Azure Front Door

    Azure Front Door is a modern, cloud-based CDN (Content Delivery Network) and edge platform that provides fast, secure, and scalable delivery of web applications and APIs. It's designed to accelerate global reach, improve performance, and enhance security for modern web applications.

    Best use cases:

    • Modern web applications (SPAs, MEAN stack, etc.) that require global reach and fast performance.
    • Applications with high traffic volumes, requiring caching and content delivery.
    • APIs that require secure, scalable, and fast delivery.

    Application Gateway

    Application Gateway is a fully managed, layer 7 load balancer that provides application delivery, security, and analytics. It's designed to provide advanced traffic management, security, and insights for applications.

    Best use cases:

    • Enterprise applications hosted on VMs, requiring advanced traffic management and security.
    • Applications with complex routing requirements, such as URL-based routing or cookie-based session affinity.
    • Applications that require detailed analytics and insights into traffic and performance.

    Key differences

    • Architecture: Front Door is edge-based, while Application Gateway is virtual machine-based.
    • Load balancing: Front Door provides anycast-based load balancing, while Application Gateway provides layer 7 load balancing.
    • Use cases: Front Door is ideal for modern web applications and APIs, while Application Gateway is better suited for enterprise applications and complex traffic management scenarios.

    In your scenario, if you're serving modern web applications (SPAs, MEAN stack, etc.) that require global reach and fast performance, Azure Front Door might be the better choice. However, if you're hosting enterprise applications on VMs with complex traffic management requirements, Application Gateway could be a better fit.


    If you are still facing any further issues, please don't hesitate to reach out to us.

    We are happy to assist you.

    Looking forward to your response and appreciate your time on this.

    Regards,

    Ganesh


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.