Every internet facing web application, whether serving a large audience or a small set of users in a single region, is by default a global application. Whether you are running a large news website with millions of users across the globe, running a B2B application for managing your sales channels or a local pastry shop in a city – your users are distributed/roaming across multiple locations, or your application demands deployment into multiple locations for high availability or disaster recovery scenarios. As a global application, your distributed users and/or application deployments place demands on you to maximize performance for your end users and ensure the application is always-on across failures and attacks.

Today I am excited to announce the general availability of Azure Front Door Service (AFD) which we launched in preview last year – a scalable and secure entry point for fast delivery of your global applications. AFD is your one stop solution for your global website/application and provides:

Application and API acceleration with anycast and using Microsoft’s massive private global network to directly connect to your Azure deployed backends means your app runs with lower latency and higher throughput to your end users.

with anycast and using Microsoft’s massive private global network to directly connect to your Azure deployed backends means your app runs with lower latency and higher throughput to your end users. Global HTTP load balancing enables you to build your application resiliently across regions, fail-over instantly and offer your users an “always-on” web site availability experience either at a domain or microservice (URL path) level.

enables you to build your application resiliently across regions, fail-over instantly and offer your users an “always-on” web site availability experience either at a domain or microservice (URL path) level. SSL offload at a massive scale enables you to maintain security and scale to a rapidly growing or expanding user base, all while reducing latency.

at a massive scale enables you to maintain security and scale to a rapidly growing or expanding user base, all while reducing latency. WAF @ Edge offering application security against DDoS attacks or malicious users at the edge providing protection at scale without sacrificing on performance.

Built atop Microsoft’s massive global network, Azure Front Door currently supports Microsoft’s biggest web workloads deliver high quality, highly performant services. Global brands such as Bing, Office 365, Xbox Live, MSN, LinkedIn and Azure DevOps leverage AFD’s competitive performance, enterprise grade reliability and massive scalability to deliver consistent, low latency, high throughput user and application experiences. Today AFD provides global coverage in over 35 countries across 65 metros and quickly growing.

Figure 1: Azure Front Door’s global footprint and Microsoft's Network

Use case scenarios

Customers come to AFD today focused on their core business needs to improve performance, scale their application, enable instant failover, or enable complex application architectures like IaaS and PaaS, on-prem + cloud, or multi-cloud hybrid experiences. AFD can be quickly and easily integrated into your application’s existing or new architecture and starts working out of the box. Adding AFD in front of your application or API also enables your customers to gain the benefit of our constant improvements and optimizations at the edge such as TCP Fast Open, WAN optimizations and improvements to SSL such as SSL session resumption. This means your users get optimized connectivity experiences day 1 with Front Door.

Below is a sample reference architecture outlining how an application can be designed for improved page load times, SSL offload and API routing. AFD runs at the Edge of Microsoft’s global network, performing TCP and SSL terminations close to end user, thereby improving performance of client access to applications. Traffic from AFD instances running at the Edge to application backends is routed on Microsoft’s private global network providing high reliability and optimized routing to the destination.

“The TCP and TLS optimizations from Azure Front Door along with their global edge footprint is perfect for our high-volume services”

- Ravi Krishnaswamy, CTO

“Azure Front Door Service allows us to manage our costs in a predictable way whilst ensuring performance for our end users”

- Colin Farrelly, DevOps SME

Figure 2: Sample architecture for accelerated and scalable web application

Another core Azure Front Door use case for building highly scalable apps is utilizing AFD’s smart load balancing algorithm to route traffic to the fastest available backend. Unlike the typical DNS-based load balancing systems, Azure Front Door delivers near instant failover across your application backends and with more granular control to even failover specific microservices. Our smart and efficient load balancing algorithms support both active-active as well as active-passive deployment configurations.

Figure 3: Sample architecture of an always-on web application

Azure Front Door Service is now generally available, providing a 99.99 percent availability SLA and a myriad of features including SSL offload, URL redirect and rewrite, HTTP/2, IPv6 support, session affinity, simple domain onboarding with free or custom SSL certs, caching, and much more. You can also read about the AFD WAF Preview which is also available now as well! Azure Front Door’s GA pricing goes into effect on May 1, 2019. Until then, you will continue to be billed based on the preview pricing.

Get started

Get started with the Azure Front Door Service today! To learn more about the service and the various features, refer to AFD documentation. If you are interested in exploring capabilities beyond the standard offering, simply file a feature request on our UserVoice page or feel free to contact us at afdfeedback@microsoft.com.