Microsoft's Azure Application Gateway is a platform-managed, scalable, and highly available application delivery controller as a service with integrated web application firewall.
N/A
F5 BIG-IP DNS
Score 9.2 out of 10
N/A
F5 BIG-IP DNS (formerly BIG-IP Global Traffic Manager) secures DNS infrastructure.
For building scalable and highly available applications, Azure Application Gateway does most of the job on behalf of you; automatically load-balancing traffic from a number of users to a number of back-end servers. This ensure scalability and availability. The in-built security is great as can be expected from Microsoft, and user has a variety of tools for monitoring the health of the load-balancing function as well as the health of back end servers behind it.
Less appropriate: - Not best bet for startup’s as their budget is always tight - Not good for those companies where the engineers are not highly skilled otherwise the use Irules and security policies will not be utilised in optimal manner as it requires more cpu resources to work especially irules - For companies fully on cloud doesn’t best fit as I already highlighted cloud require more improvements when it comes to seamless performance Best Suited -Large enterprise companies where budget is not an issue - Companies whose traffic Rate Per Second is very high as it can handle huge RPS without latency - Companies whose business is surely depends on their availability
I love this product, especially DoH because it's not able to do the same functionality in NextGen firewalls on our edge location because of the nature that integrated with the F5 BIG-IP, the V we provide for our external clients and we love it the most because it's, it's right in the same box, we use it and then we get the benefits out of the same big IP boxes, same VE boxes. And I think that's the only aspect we liked the most.
I'd like to see better reporting capabilities on the decision-making process for DNS resolutions. Currently there are plenty of log messages for that, but I'd like to see tighter integration into the GUI.
It could be an improvement to better discriminate features intended for AA vs LDNS functionality within the GUI.
We use this heavily and it is one of the best products out there for this type of use case. We already have LTMs and to leverage GTM on top of that is just a piece of cake. Everything is so well integrated its amazing
Most of the Application Gateway's features and services can be managed and re-configured via either the Azure Portal GUI or via the Azure Cloud Shell, thus allowing both CLI modes, i.e. Azure CLI (Bash) and Azure Powershell. The v2 version of Application Gateway has significantly improved performance during initial configuration or during re-configuration changes, thus making it much more usable for IT admins, as compared to v1.
Most important usability of F5 BIG-IP DNS is it’s stability which other vendors lack -As mentioned earlier as well, it’s scalability is humongous as it can honour millions of request per second without latency - irules feature makes it top and worthy to fight with top contenders like cloudflare and Cisco - Moreover it’s stable even when the Rate Per second is high and at the same time, DDos occurs - Interface is user friendly for simple tasks but requires more manual work - TAC should provide more assistance when it comes to normal support as well but they do offer professional support license for tasks which other vendor assist on normal license as well
Other load balancing tools in Azure (Azure LB and Azure Traffic Manager) are limited in their functionality in comparison with the Azure Application Gateway, and also, they don't provide security features. Azure Firewall, although it has security features, is more expensive, and most importantly, it's not a load balancer at all.
As I mentioned, the GSLB capability, being able to do intelligent DNS by having access to monitor specific endpoints associated to my current BIG-IP infrastructure, I believe that brings a huge value, then combine fast responses and security.
Well, yes, I would say a big impact for ours. We were able to have more visibilities and trying to allow those traffic that we weren't able to see what is behind the scene and then reduce a lot of attackers. And then it led us to actually allow our clients freely using the DOT or DOH.
