The higher-level load balancer is called Application Gateway, and it has some special abilities that set it apart from the regular load balancer. After watching this video, you can decide if you need basic Load Balancer or need to upgrade to a more advanced Application Gateway.
- [Instructor] The Azure Load Bouncer is what is called a layer four load bouncer. Layer four from the OSI model, if you recall, is the transport layer. So this load bouncer only understands IP addresses, ports, and networking at that level. It does not understand what an internet URL is. Basic load bouncers are free in Azure. If you need a more intelligent load bouncer that operates at layer seven, this would be an application gateway. Application gateways have a cost, but the benefit is that you can do some more complex rules. You can actually look at the domain name being used and make routing decisions based on that or you can look at the URL path and make decisions off of that or even recognize an attempt at SQL injection attack and block it right in the application gateway using a web application firewall. A load bouncer cannot do any of these things. Application gateways also have this option for a web application firewall. The WAF is a more sophisticated form of firewall. This web application firewall can detect common attacks such as cross site scripting and SQL injection and stop these requests from even making it to the server. No more Bobby Tables problems. Now that Bobby Tables comic by XKCD remains as one of my favorite that Russell Monroe ever created. The web application firewall follows a set of published internet standards called the Open Web Application Security Project or OWASP, which lists out the common attacks and how to detect them. The application gateway also comes with the ability to monitor its work using Azure Monitor. You can pull various reports and set alerts based on events that you want to track. It also integrates with the Azure Security Center for security monitoring. Load bouncers and application gateways are devices that you can find in Azure Marketplace and add them to your virtual network. For hopefully obvious reasons, the servers behind a load bouncer must be in the same region as the load bouncer itself. You cannot use a load bouncer or an application gateway to bounce traffic between different regions. If you need to do that, you need a traffic manager.
Author
Scott Duffy
Released
10/24/2019- Azure network basics
- Network fundamentals
- Virtual networks and subnets
- Network peering
- VPN gateway
- Virtual private networks
- Load balancing and Application Gateway
- Azure Traffic Manager
- Azure Front Door
- Virtual network service endpoints
- Virtual network traffic routing
Skill Level Advanced
Duration
Views
-
Introduction
-
What you should know1m 39s
-
1. Azure Networking Basics
-
What is networking?6m 6s
-
Azure networking protection2m 18s
-
Azure networking delivery1m 27s
-
Azure networking monitoring1m 45s
-
Networking fundamentals2m 45s
-
The OSI model5m 54s
-
Azure networking pricing4m 34s
-
-
2. Networking Options
-
Virtual networks3m 18s
-
Subnets4m 49s
-
Virtual private networks6m 52s
-
Load balancing4m 18s
-
Azure Application Gateway2m 27s
-
Azure Traffic Manager2m 46s
-
Azure Front Door2m 15s
-
Content delivery networks3m 49s
-
Virtual appliances1m 19s
-
Azure DNS1m 58s
-
-
3. Security
-
Network security groups4m 27s
-
-
4. Networking Strategy
-
Networking strategy6m 7s
-
-
5. Management Tools
-
Conclusion
-
Next steps35s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Azure Application Gateway