should I choose azure application gateway or load balancer or front door or traffic manager?

6
votes

I have a SaaS web app developed with Angular 8 and Asp.net Core Web API. I have deployed web api to a azure web app and deployed angular front-end web app to another azure web app as well.

The users are from China and Australia and other countries. I want to have region load balance like Chinese users uses web app on china azure region and australian users use Australian azure region web app so that it has best performance. Azure SQL DB will be in one place (in australia).

In addition, i want to prevent attacking to web front app and web api like d-dos, web scraping and SQL injection. For web scraping, i want to add access rate limitation from one ip.

Can you please advise what service i should use? I saw the blog talking about azure application gateway, azure load balancer, azure front door and azure traffic manager. It is a bit confusing to me. I need a best practise based on my this real world scenario. Should I use one of the service or should I use multiple services?

1
azure-web-app-serviceazure-application-gatewayazure-load-balancerazure-front-door

1 Answers

8
votes

Based on your requirement:

  1. Since the Backend Resource is Web App, you can ignore Load balancer (Layer 4) where you can only add VMs or VMSS
  2. Your another requirement is WAF, and it is only available in AFD and AppGW. But you can use Traffic Manager as first Tier Load balancing and have AppGW in the different regions to provide high resilience.
  3. As you want users from specific country to reach nearest backend resource, it seems like, the best solution for you is AFD.

AFD is a global Load balancer. It has WAF capability. It can Cache the data and provide quicker responses(CDN functionality). AFD uses an intelligent probing mechanism, through which it chooses the endpoint which is closer to the client who is making the request.

Hope this helps.