How well do you know Azure application Gateway

Question Title

* 1. Can application gateway handle TCP / UDP Traffic

Yes , it can handle all type of traffic like TCP/UDP , HTTP/HTTPS

It can only handle HTTP/HTTPS

Application gateway cannot handle traffic of type TCP/UDP

Question Title

* 2. What is the basic server size for installing application gateway

D-Series VM are best suited for application gateway and they give best performance results.

It depends on the workload the customer is expected to run on the Application Gateway.

Because application gateway is a marketplace application , it all depends on the vendor.

Application gateway is a native paas service and there is no need install any hardware or software. Customer just configure the server.

Question Title

* 3. Does application gateway support websocket

No only Azure load balancer will support websocket

Yes , AGW does support websocket

AGW dosent support websocket natively , customers have to buy premium extension to get websocket support.

Question Title

* 4. Does application gateway provide public and private ip for applications to use

AGW provides only public ip address , because its a internet facing load balancer

It support only private ip address

customers can buy public ip address for AGW

AGW supports both public and private ip and the information can be extract using script or its visible in the Azure portal.

Question Title

* 5. Your customer wants to find out the originating IP address of the HTTP traffic. Does Application Gateway provide you with feature to find the originating IP address.

No there is no option available in Application gateway to find the originating IP address

Yes its very much possible

Customers have to monitor the incoming traffic using a third party tool to store the traffic. Run a search and extract the ip address.

Question Title

* 6. You customer has a 3 tier network model (Front end , application and database) layers. Each one is a subnet. The front end subnet has custom IDS/IPS SW and traffic packet inspection software due to corporate requirement. You are the solution architect and customer is looking to you to provide workable solution.

What will be your options and recommendations.

You will advise the customer to deploy the AGW directly on the subnet and make the IDS/IPS and the Traffic inspection SW as the backend pool.

You will advise the customer to deploy the build separate subnet and deploy AGW and leave the existing 3 tier as is.

You will sit down with the customer , understand why they build the 3 tier networking model and clearly understand why they decided to build the model. Take a look into the IDS/IPS and packet inspection deployment. Based on the analysis you will recommend the customer to build a separate Subnet or build a separate VNET with dedicated support for AGW and then just peer the traffic.

Question Title

* 7. Your customers networking team is complaining that they are able to get the health information after a recent changes to the networking configuration. You are on phone with the customer. What will be your approach to identify the issue.

Understand what changes the networking team made in the recent past and ask them to send the log to you for verification.

You will ask the network engine to clearly list out the changes done to the NSG and also understand if they have ever seen the health working.

Get the engineer to look if exceptions must be put in for incoming traffic on ports starting with 65xx - 65xxx.

Question Title

* 8. You customer is large finserv customer and they will never allow any outbound internet access from any Azure resource. But the customer like the feature set of the Application gateway. What you will recommendation to the customer.

Application gateway requires outbound internet access and without which it wont work.

Application gateway dosent require outbound internet access and will work fine.

Question Title

* 9. Your customer is using Akamai as their CDN and all the traffic to the azure will flow through that. To configure outbound traffic and your customer wants to white list the IP address of the application gateway.

What is the best way to reserve the IP address of application gateway. You are the lead cloud solution architect and you have to come up with a solution and advice the customer on the right direction. How will you go about it.

You will advise the customer , that its not possible to reserve IP Address and recommend them to implement custom load balancer.

Advise you customer to host a Azure Load balancer as the front end point for all traffic and then route the traffic to application load balancer.

Explain to the customer that Azure load balancer is build to have IP Reservation and its not possible to reserve IP Address with AGW. Take a deeper look into what feature set your customer is looking to use with in the Application Gateway and determine , if the application gateway is needed in the first place. If you are able to analyze based on the factual information , that the customer does need application gateway. You will advise them its not possible to reserve the IP address. Alternatively , verify if the customer is okay to use
any of the 3rd party appliances from Azure marketplace that can address the requirement.

Question Title

* 10. Can single subnet support both v2 and v1 Application Gateway SKUs.

Yes

Question Title

* 11. Does Application Gateway support email protocols such as SMTP, IMAP, and POP3.

Yes

Question Title

* 12. Select type of Sizing options that can be configured for App Gateway V2

Fixed

Auto-scaling

Instance Sizes ( Small,Medium,Large)

Question Title

* 13. Identify the appropriate back-end server pools based on URL Paths of the request. Requests for http://contoso.com/meme/* are routed to

MemeServerPool

Meme

DefaultServerPool

Question Title

* 14. Does Application Gateway allow you to create custom error pages?

Yes