Azure Front Door is a global entry point for web applications. It operates at Layer 7 (HTTP/S), using Anycast protocol to route users to the nearest Point of Presence (PoP), effectively accelerating your app performance via split TCP.
Global Load Balancing
flowchart TB
UserUS[User US] -->|Anycast| PoPUS[PoP US]
UserEU[User EU] -->|Anycast| PoPEU[PoP EU]
PoPUS -->|Microsoft Backbone| WebUS[Web App US]
PoPEU -->|Microsoft Backbone| WebEU[Web App EU]
style PoPUS fill:#FFF3E0
style PoPEU fill:#FFF3E0
WAF (Web Application Firewall)
Protect against SQL Injection and XSS at the edge.
{
"policySettings": {
"enabledState": "Enabled",
"mode": "Prevention"
},
"customRules": [
{
"name": "BlockGeo",
"priority": 100,
"ruleType": "MatchRule",
"action": "Block",
"matchConditions": [
{
"matchVariable": "RemoteAddr",
"operator": "GeoMatch",
"matchValues": ["KP", "IR"] // Block countries
}
]
}
]
}Key Takeaways
- Use Front Door for multi-region HTTP/S apps.
- Use **Traffic Manager** for non-HTTP protocols (DNS based).
- Split TCP capability reduces latency for data uploads/downloads.
Discover more from C4: Container, Code, Cloud & Context
Subscribe to get the latest posts sent to your email.