I have a SaaS web app developed with Angular 8 and Asp.net Core Web API. I have deployed web api to a azure web app and deployed angular front-end web app to another azure web app as well.
The users are from China and Australia and other countries. I want to have region load balance like Chinese users uses web app on china azure region and australian users use Australian azure region web app so that it has best performance. Azure SQL DB will be in one place (in australia).
In addition, i want to prevent attacking to web front app and web api like d-dos, web scraping and SQL injection. For web scraping, i want to add access rate limitation from one ip.
Can you please advise what service i should use? I saw the blog talking about azure application gateway, azure load balancer, azure front door and azure traffic manager. It is a bit confusing to me. I need a best practise based on my this real world scenario. Should I use one of the service or should I use multiple services?
Traffic Manager & Application Gateway - Traffic Manager provides DNS-based load balancing, while the Application Gateway gives you many of the same capabilities as Azure Front Door but at the regional level such as: Web Application Firewall (WAF) Transport Layer Security (TLS) termination. Path-based routing.
To sum it up, we learned that the Azure Traffic Manager has been designed to distribute traffic globally (Multiregional environments). Nevertheless, the Azure Load Balancer can only route traffic inside an Azure region, as it only works with Virtual Machines in the same region.
Internal and public load balancer: Azure Load balancer supports Internal Load balancing where you can balance the traffic of an internal virtual network or traffic within a virtual network. Public load balancer used for balancing the internet traffic to virtual machines.
What is the difference between Azure Front Door and Azure Application Gateway? While both Front Door and Application Gateway are layer 7 (HTTP/HTTPS) load balancers, the primary difference is that Front Door is a non-regional service whereas Application Gateway is a regional service.
Based on your requirement:
AFD is a global Load balancer. It has WAF capability. It can Cache the data and provide quicker responses(CDN functionality). AFD uses an intelligent probing mechanism, through which it chooses the endpoint which is closer to the client who is making the request.
Hope this helps.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With