Azure Traffic Manager

Question

You are designing an Azure solution.

The solution must meet the following requirements:

-> Distribute traffic to different pools of dedicated virtual machines (VMs) based on rules.

-> Provide SSL offloading capabilities.

You need to recommend a solution to distribute network traffic.

Which technology should you recommend?

Answers

A. B. C. D.

A

If you require "SSL offloading", application layer treatment, or wish to delegate certificate management to Azure, you should use Azure's layer 7 load balancer, Application Gateway, instead of the Load Balancer.

Incorrect Answers:

D: Load Balancer is agnostic to the TCP payload, and TLS offload ("SSL") is not provided.

https://docs.microsoft.com/en-us/azure/application-gateway/overview

For the given requirements of distributing traffic to different pools of dedicated virtual machines (VMs) based on rules and providing SSL offloading capabilities, the recommended solution is Azure Application Gateway.

Azure Application Gateway is a web traffic load balancer that can manage and route traffic to a specific pool of virtual machines based on defined rules. It is a fully-managed service that provides features such as SSL termination, URL-based routing, session affinity, and more.

The SSL offloading feature allows the Application Gateway to terminate SSL connections from clients and then forward the traffic to the backend pool over either unencrypted HTTP or HTTPS connections. This offloads the SSL processing from the backend VMs, improving their performance.

Azure Load Balancer is another load balancing solution provided by Azure, but it primarily focuses on distributing network traffic across VMs within a single virtual network or availability set. It does not provide SSL offloading capabilities, and does not have URL-based routing or session affinity features.

Azure Traffic Manager is a DNS-based traffic routing solution that can route traffic to different endpoints based on defined rules such as geographic location, endpoint health, and more. However, it does not provide SSL offloading capabilities or URL-based routing, and is not suitable for managing traffic to a specific pool of VMs.

Server-level firewall rules can restrict inbound or outbound traffic to specific IP addresses or ranges, but they cannot distribute traffic to different pools of dedicated virtual machines based on rules or provide SSL offloading capabilities.

Therefore, Azure Application Gateway is the most suitable solution to meet the given requirements.