6

I have a SaaS web app developed with Angular 8 and Asp.net Core Web API. I have deployed web api to a azure web app and deployed angular front-end web app to another azure web app as well.

The users are from China and Australia and other countries. I want to have region load balance like Chinese users uses web app on china azure region and australian users use Australian azure region web app so that it has best performance. Azure SQL DB will be in one place (in australia).

In addition, i want to prevent attacking to web front app and web api like d-dos, web scraping and SQL injection. For web scraping, i want to add access rate limitation from one ip.

Can you please advise what service i should use? I saw the blog talking about azure application gateway, azure load balancer, azure front door and azure traffic manager. It is a bit confusing to me. I need a best practise based on my this real world scenario. Should I use one of the service or should I use multiple services?

Improve this question

1 Answer 1

Reset to default
9

Based on your requirement:

  1. Since the Backend Resource is Web App, you can ignore Load balancer (Layer 4) where you can only add VMs or VMSS
  2. Your another requirement is WAF, and it is only available in AFD and AppGW. But you can use Traffic Manager as first Tier Load balancing and have AppGW in the different regions to provide high resilience.
  3. As you want users from specific country to reach nearest backend resource, it seems like, the best solution for you is AFD.

AFD is a global Load balancer. It has WAF capability. It can Cache the data and provide quicker responses(CDN functionality). AFD uses an intelligent probing mechanism, through which it chooses the endpoint which is closer to the client who is making the request.

Hope this helps.

Improve this answer
7
  • Exactly answered my question. Thank you very much! appreciate that.
    – Edison
    Jun 7, 2019 at 6:28
  • A further question, since I have two web apps (one is front-end Angular web app and another is Rest Web API for back-end). Can you please advise should I have one Azure Front Door for my web apps? or one Azure Front Door for each web app (two AFDs in total)?
    – Edison
    Jun 13, 2019 at 23:10
  • 2
    You can have one AFD with multiple backend pools and front end configs
    – msrini-MSIT
    Jun 14, 2019 at 3:03
  • Thank you. In addition, I need to use custom domain name. e.g. my front door is called contoso.azurefd.net. My custom domain name is www.contoso.com. I will add contoso.azurefd.net as CNAME on GoDaddy website. Since www.contoso.com points to front end web app only (not web api) and web api is at apicontoso.azurewebsites.net, how can I add apicontoso.azurewebsites.net into front door. I assume front door only has one url which is contoso.azurefd.net,
    – Edison
    Jun 26, 2019 at 4:01
  • 2
    add apicontoso.azurewebsites.net as a new backend pool and create a new routing rule for your API
    – msrini-MSIT
    Jun 26, 2019 at 4:18

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Not the answer you're looking for? Browse other questions tagged or ask your own question.