Azure Networking: all you should know about the new Application Gateway

The Application Gateway is the offer for application delivery controller as-a-service present in Azure that enables customers to make the application republishing, with integrated layer-7 load balancing, Security and Web Application Firewall (WAF). Microsoft recently announced the availability of a fully revised version of Azure Application Gateway and its Web Application Firewall module (WAF). This article lists the improvements and additional features that are present in the new SKUs, calls respectively Standard_v2 and WAF_v2.

Enhancements and new features

The following section shows the areas where the new Azure Application Gateway version has made improvements and additional features.

Figure 1 - Diagram with the new features of SKU V2

Scalability

The new version of Azure Application Gateway allows you to automatically perform a scale-up or a scale-down of the number of instances to use, based on traffic detected towards the applications republished. In this way the size of the Application Gateway will always be suitable to support the necessary traffic and will not be more appropriate sizing this component to maximum capacity to sustain moments with traffic spikes. Consequently, with this feature you can get significant cost savings in scenarios where there are workloads that do not have a homogeneous flow, but subject to change.

Zone redundancy

In the new SKU it is possible to do the deployment of the Application Gateway in different areas of availability (availability zone) so as not to be subject to disruptions in the event of problems related to the single zone of Azure. This method of deployment allows increasing the resilience of published applications.

Public Static IP Assignment

The Virtual IP Address assigned to the Application Gateway can be static, thus ensuring a constant IP address assignment for the lifetime of the component. This feature is particularly useful for managing rules on Azure external firewall systems and for web publishing scenarios of Azure Web App.

Header Rewrite

Header Rewrite functionality allows you to easily manage the publications of applications as it is allowed to add, remove or modify HTTP request and response headers, directly from the Application Gateway and without needing to change the code of the application.

Performance

The adoption of the new Application Gateway SKU allows a significant improvement in performance during the provisioning and during the configuration update activities. In addition, it shows an improvement in performance, up to 5 times higher than the previous SKU, in SSL offloading scenarios.

The recommendation

For all new implementations is raccomanded to consider the adoption of the new Azure Application Gateway SKU, while for those who are making application publications by Application Gateway V1, it is recommended that you migrate the SKU V2 quickly, for the following reasons:

  • New features and improvements: Migrating to new SKU you can benefit from the improvements and new features listed above.
  • Cost: view the new pricing policy adopted for the SKU V2, based on consumption and no longer on the size and the number of instances, this may be generally more convenient than SKU V1. For more information on the costs of the new Azure Application Gateway version, you can see the relative costs page.
  • Platform support: soon Microsoft will disable the ability to create new Application Gateway V1. In addition, in the future, Microsoft will release additional new features, but most of these will be released exclusively for the SKU V2.

As migration occurs to the SKU V2

Currently the Azure platform does not provide an automatic procedure to migrate from V1 to V2 SKU, but it is necessary to proceed with a side-by-side migration. To proceed with this activity is necessary a suitable preliminary analysis to verify the presence of all the necessary requirements. The migration of existing configuration can be done through Special scripts of support, but may still be required manual activities. Completed the configuration of all settings to the new Azure Application Gateway V2 you need to redirect the flow of traffic coming from client to the new Application Delivery Service.

Conclusions

The introduction of the new features described above makes the offer of application delivery controller as-a-service available in Azure platform even more complete and functional, to the point of being highly competitive with other vendor solutions, long established on the market. To be constantly updated with the rapid evolution of the cloud is recommended to determine as soon as possible the transition to the new Application Gateway version in order to benefit from the advantages mentioned above.