Azure Load Balancer | Securely Distribute Network Traffic with HTTPS, Round Robin Routing, and SSL Offloading

Recommended Load Balancing Option for Secure Network Traffic Distribution

Question

You are designing an Azure solution.

The network traffic for the solution must be securely distributed by providing the following features:

-> HTTPS protocol

-> Round robin routing

-> SSL offloading

You need to recommend a load balancing option.

What should you recommend?

Answers

A. Azure Load Balancer

B. Azure Traffic Manager

C. Azure Internal Load Balancer

D. Azure Application Gateway

Correct answer: D

Explanations

If you are looking for Transport Layer Security (TLS) protocol termination ("SSL offload") or per-HTTP/HTTPS request, application-layer processing, review Application Gateway.

Application Gateway is a layer 7 load balancer, which means it works only with web traffic (HTTP, HTTPS, WebSocket, and HTTP/2). It supports capabilities such as SSL termination, cookie-based session affinity, and round robin for load-balancing traffic. Load Balancer load-balances traffic at layer 4 (TCP or UDP).

https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-faq

Based on the requirements provided in the question, the recommended load balancing option is Azure Application Gateway (Option D).

Here's why:

Azure Load Balancer (Option A) is a Layer 4 (TCP/UDP) load balancer that distributes incoming traffic among healthy instances of services defined in the load-balanced set. While it can provide round-robin routing, it does not support SSL offloading. SSL offloading is the process of decrypting SSL/TLS traffic at the load balancer before forwarding it to the backend servers. Since Azure Load Balancer does not support SSL offloading, it cannot meet the requirement of the solution.

Azure Traffic Manager (Option B) is a DNS-based traffic load balancer that distributes traffic across multiple Azure regions or external endpoints. It can provide HTTPS protocol, but it does not support SSL offloading and round-robin routing. Therefore, it does not meet the requirements of the solution.

Azure Internal Load Balancer (Option C) is similar to Azure Load Balancer but is designed for internal use only. It provides a Layer 4 load balancing capability to distribute traffic to virtual machines inside an Azure virtual network. Like Azure Load Balancer, it does not support SSL offloading and round-robin routing, so it does not meet the requirements of the solution.

Azure Application Gateway (Option D) is a Layer 7 (HTTP/S) load balancer that provides SSL offloading, round-robin routing, and other advanced features such as URL-based routing and cookie-based session affinity. It is designed to provide high scalability and availability for web applications. With SSL offloading, the gateway decrypts incoming SSL/TLS traffic before forwarding it to the backend servers, which takes the processing overhead off those servers, improving performance and reducing resource usage. Its round-robin routing distributes incoming traffic evenly among the backend servers. Therefore, it meets all the requirements of the solution and is the recommended load balancing option.
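An added example, not part of the original page or of Microsoft's documentation: a Python check over a constructed Application Gateway configuration that confirms an HTTPS listener with a certificate, reports where SSL offload leaves the gateway-to-backend hop in plaintext, and notes where cookie-based affinity replaces round-robin distribution. The field names are assumed to follow the JSON printed by `az network application-gateway show`; the gateway, listener and settings names are made up.

```python
import json

# Constructed sample, assumed to be shaped like `az network application-gateway show`
# output (only the fields the check reads; names and IDs are placeholders).
SAMPLE_GATEWAY = json.loads("""
{
  "name": "appgw-example",
  "httpListeners": [
    {"name": "public-https", "protocol": "Https",
     "sslCertificate": {"id": "/placeholder/sslCertificates/site-cert"}},
    {"name": "public-http", "protocol": "Http", "sslCertificate": null}
  ],
  "backendHttpSettingsCollection": [
    {"name": "web-plain", "protocol": "Http", "port": 80,
     "cookieBasedAffinity": "Disabled"},
    {"name": "web-sticky", "protocol": "Https", "port": 443,
     "cookieBasedAffinity": "Enabled"}
  ]
}
""")


def audit_gateway(gw):
    """Return (severity, message) findings for HTTPS, SSL offload and round robin."""
    findings = []
    listeners = gw.get("httpListeners", [])
    https = [l for l in listeners if l.get("protocol", "").lower() == "https"]
    if not https:
        findings.append(("fail", "no HTTPS listener: TLS is not terminated here"))
    for l in https:
        if not (l.get("sslCertificate") or {}).get("id"):
            findings.append(("fail", f"listener {l['name']}: HTTPS without a certificate"))
    for l in listeners:
        if l.get("protocol", "").lower() == "http":
            findings.append(("warn", f"listener {l['name']}: accepts plaintext HTTP"))
    for s in gw.get("backendHttpSettingsCollection", []):
        if s.get("protocol", "").lower() == "http":
            # SSL offload: the gateway decrypts, so the hop to the backend is unencrypted.
            findings.append(("info", f"settings {s['name']}: SSL offload, backend hop is plaintext"))
        else:
            findings.append(("info", f"settings {s['name']}: re-encrypted to backend, no offload"))
        if s.get("cookieBasedAffinity", "Disabled").lower() == "enabled":
            findings.append(("warn", f"settings {s['name']}: cookie affinity pins sessions, not round robin"))
    return findings


if __name__ == "__main__":
    for severity, message in audit_gateway(SAMPLE_GATEWAY):
        print(f"{severity:5} {message}")
```

Where offload is reported, the traffic between the gateway and the backend pool depends on network controls inside the virtual network for its confidentiality.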

In summary, Azure Application Gateway is the recommended load balancing option for this solution as it meets all the requirements of the solution, including HTTPS protocol, round-robin routing, and SSL offloading.