The document outlines various methods for deploying and managing web traffic with Azure services, including the Azure Application Gateway and static website hosting in Azure Storage. It covers topics like backend pool configurations, application insights for monitoring HTTP requests, and security management best practices. It also references useful Azure documentation and best practices for using Azure firewall and web application firewall features.

1. Route web traffic using Azure CLI
myAppGateway
appGatewayBackendPool
imagesBackendPool
videoBackendPool
myVNet
/*
/images/*
/video/*
myAGPublicIPAddress
https://docs.microsoft.com/en-us/azure/application-gateway/tutorial-url-route-cli
1
1

2. Azure Application Gateway
https://docs.microsoft.com/en-us/azure/application-gateway/overview
Browser Rule
HTTP
Setting
App Gateway
frontend IP
x.x.x.x
HTTP/HTTPS
listener
Backend Pool
VMs
VMSS
On-prem
Servers
2

3. Static Website Hosting in Azure Storage
Browser Rule
HTTP
Setting
App Gateway
frontend IP
x.x.x.x
HTTP/HTTPS
listener
Azure GPv2 Storage Account
+
Static Website Hosting Support
Asset Files
i.e. HTML, CSS,
.png, .js
Azure
CDN
3

4. Static Website Hosting in Azure Storage
Browser Rule
HTTP
Setting
App Gateway/WAF
frontend IP
x.x.x.x HTTP/HTTPS
listener
Azure
CDN
Asset Files
i.e. HTML, CSS,
.png, .js
Azure GPv2 Storage Account
+
Static Website Hosting Support
Browser
App Gateway/WAF
frontend IP
x.x.x.x HTTP/HTTPS
listener
Azure
CDN
Web App Service
Asset Files
i.e. HTML, CSS,
.png, .js
Azure GPv2 Storage Account
Rule
HTTP
Setting
Browser
App Gateway/WAF
frontend IP
x.x.x.x HTTP/HTTPS
listener
Azure
CDN Asset Files
i.e. HTML, CSS,
.png, .js
Azure GPv2 Storage Account
Rule
HTTP
Setting
Load Balancer &
Backend VM
Scale Set Pool
4

5. Azure Application Gateway
ImageServerPool
VideoServerPool
Contoso.com
/images/*
/video/*
https://docs.microsoft.com/en-us/azure/application-gateway/overview
5

6. Azure Application Insights
HTTP
requests
https://docs.microsoft.com/en-us/azure/azure-monitor/app/app-insights-overview
AI
AI
Application
Insights
Your Web
Service
External
Services
Background
Services
Alerts
Power BI
Visual Studio
Rest API
Continuous
export
Dependency
Calls
AI
Web Pages
Client apps
Azure Monitor
6

7. Static Website Hosting
https://medium.com/@emin.askerov/static-website-hosting-in-azure-storage-with-custom-domain-and-ssl-support-using-azure-application-b17f95c6764c
Virtual Network
Resource
Group
Azure
Application Gateway
Azure
Storage Account with
Static Website Hosting
Support
Azure
Content Delivery
Network
HTTPS/HTTP
80/443
HTTP 80
7

8. MS Ignite Sept. 2018 - Azure Firewall - BRK4029 - Azure Firewall and Best Practices
Spoke 1
Central VNet
Spoke VNets
L3-L7 Connectivity Policies
NAT, Network and Application traffic
filtering rules allows
Inbound/Outbound access
Traffic is denied by
default
On-Premises
Azure to On-Prem
traffic filtering
Azure Firewall
8

9. Web App Firewall - BRK4029 - Azure Firewall and Best Practices
Site 1
App
Gateway
Valid
request
Valid
request
L7 LB
WAF
SQL
injection
Valid
request
XSS attack
9

10. Security Management With Azure Services - BRK2021 - Azure security & management
Threat
Protection
Microsoft Antimalware
for Azure
Security
Management
Azure Monitor
Azure Security Center
Network Security
(SDN)
VNET, VPN, NSG
Application Gateway
(WAF), Azure Firewall
DDoS Protection
Standard
ExpressRoute
Encryption
Encryption
(Disks, Storage, SQL)
Azure Key Vault
Confidential
Computing
Identity & Access
Management
Azure Active Directory
Multi-Factor
Authentication
Role Based
Access Control
Azure Active Directory
(Identity Protection)
+ Partner Solutions
10