What's the difference? aka.ms/Azure/LoadBalancers

In Azure or on-premises, there are many different types of load balancers to use. While the basic concept is the same, they all do things slightly differently. In this post I am to help all of us determine if when and why I would use any of the possibilities that are out there. You have three options built right into Azure plus many of your favorite load balancers out there in the Azure Marketplace. We'll focus only on what you can get without going shopping to the Marketplace.

Let's start with the big picture of the three options first. For traffic manager, which is geographic load balancing for endpoints, I am just going to provide a couple of resources for you.

1. Overview of Traffic Manager - aka.ms/Azure/Traffic
2. Channel 9 - How Traffic Manager Works

Following the big picture below, I want to focus on comparing and contrasting Azure Load Balancer (level 4) versus Application Gateway (level 7) load balancers.

Comparison of Azure Load Balancer and App Gateway

Feature	ALB	App GW
Technology	Transport Layer 4	Application Level 7
Application Protocols Supported	Any	HTTP & HTTPS
IP Reservation	Supported	Not Supported
Endpoints	Virtual Machines and Cloud Services role instances	Any Azure Internal or Public IP Address
SSL Offloading	Not supported	Supported
Scale up	Automatic Reconfiguration
Service Monitoring	Health Probes	Health Probes
Distribution Mode	Hash Based or Source	Round Robin & Path Pattern
Application Support	Internal/External facing	Internal/External facing
Port Forwarding	Map internal/external ports	N/A
SNAT	On all Outbound Internet traffic Also supports Full Cone NAT for UDP	N/A

Source for table Load Balancer Differences

Recently the Azure Application Gateway also just announced its Web Application Firewall (WAF). The "Overview" section discusses the OWASP top 10 web vulnerabilities that are protected by this functionality.