Azure Daily 2022 by Gordon

Gateway Load Balancer now generally available in all regions

Previously, Microsoft announced the public preview release of Gateway Load Balancer (GWLB), a new SKU of Azure Load Balancer targeted for transparent NVA (network virtual appliance) insertion supported by a growing list of NVA providers. Today, placing NVAs in the path of traffic is a growing need for customers as their workloads scale. Common use cases of NVAs we’ve seen are:

  • Allowing or blocking specific IPs using virtual firewalls.
  • Protecting applications from DDoS attacks.
  • Analyzing or visualizing traffic patterns.

And GWLB now offers the following benefits for NVA scenarios:

  • Source IP preservation.
  • Flow symmetry.
  • Lightweight NVA management at scale.
  • Auto-scaling with Azure Virtual Machines Scale Sets (VMSS).

With GWLB, bump-in-the-wire service chaining becomes easy to add on to new or existing architectures in Azure. This means customers can easily “chain” a new GWLB resource to both Standard Public Load Balancers and individual virtual machines with Standard Public IPs, covering scenarios involving both highly available, zonally resilient deployments and simpler workloads.

Figure 1: GWLB can be associated to multiple consumer resources, including both Standard Public Load Balancers and Virtual Machines with Standard Public IPs. When GWLB is chained to the front-end configuration or VM NIC IP configuration, unfiltered traffic from the internet will first be directed to the GWLB and then reach the configured NVAs. The NVAs will then inspect the traffic and send the filtered traffic to the final destination, the consumer application hosted on either the load balancer or virtual machine.

Source: Gateway Load Balancer now generally available in all regions

Networking
Security

Comments