Reliability and Azure Front Door
A scalable and secure entry point, Azure Front Door provides fast delivery of your global web applications. Front Door uses the Microsoft global edge network to create fast, secure, and widely scalable web applications.
Key features include:
- Accelerated application performance by using split TCP-based anycast protocol.
- Intelligent health probe monitoring for backend resources.
- URL-path based routing for requests.
- Enables hosting of multiple websites for efficient application infrastructure.
- Cookie-based session affinity.
For more key features and information, reference Why use Azure Front Door?
To understand how Azure Front Door creates a more reliable workload, reference the following topics:
Have you configured Azure Front Door with reliability in mind?
- Use WAF policies in Front Door. Lock down Application Gateway to receive traffic only from Azure Front Door when using Azure Front Door and Application Gateway to protect
- Use Azure Front Door Web Application Firewall (WAF) policies to provide global protection across Azure regions for inbound
HTTP/Sconnections to a Landing Zone.
- Create a rule to block access to the health endpoint from the internet.
- Ensure that the connection to the back-end is re-encrypted.
- Evaluate the four traffic routing configurations in Azure Front Door.
Consider the following recommendation to optimize reliability when configuring Azure Front Door:
|Use WAF policies in Front Door. Lock down Application Gateway to receive traffic only from Azure Front Door when using Azure Front Door and Application Gateway to protect
||Certain scenarios can force a customer to implement rules specifically on AppGateway: For example, if ModSec Core Rule Set (CRS)
|Ensure that the connection to the back-end is re-encrypted.||Front Door doesn't support SSL passthrough. Front Door must hold the certificate to terminate the encrypted inbound connection.|
|Evaluate the four traffic routing methods in Azure Front Door.||The Front Door service supports various traffic-routing methods to determine how to route your