Home CloudAzure Benefits of KEMP LoadMaster for your Azure deployments

Benefits of KEMP LoadMaster for your Azure deployments

0 comment

Contents

Oftentimes, customers who are considering deploying their solutions to Azure in a cloud-only or hybrid environments, have to make a choice between Azure’s built-in load balancing functionality, and third-party solutions available in Azure Marketplace. KEMP’s LoadMaster is an advanced, integrated Application Delivery Controller which offers many ways to optimize and secure cloud based workloads with features including:

  • Layer 4-7 application load balancing, reverse proxy
  • Client authentication and single sign-on (SSO)
  • Content switching/Traffic Management
  • Global site traffic distribution (GSLB)
  • Layer 4-7 application load balancing with L7 persistence
  • Native IPsec VPN for hybrid deployments
  • Web application firewall (WAF)
  • Support multiple workloads on single public IP
  • SSL/TLS termination and re-encryption
  • Throughput up to 10Gbps/12,000 SSL TPS

This article provides an overview of some of the basic functionality of the KEMP Virtual LoadMaster (VLM) for Azure. It then shows how VLM for Azure can complement Microsoft’s cloud platform by considering three popular use cases. The first looks at how a single IP address can be used to deliver tailored services from differently configured back ends; the second covers SSL offload; the last illustrates single sign-on to cloud based resources. Further articles in this series will address additional Azure use cases enabled by LoadMaster.

Load Balancing Overview

KEMP has worked closely with Microsoft since the inception of the Azure cloud and was one of the first to offer full-featured ADC functionality through the Azure Marketplace. The features and functionality offered by KEMP LoadMaster for Azure allows customers to successfully deploy applications that rely heavily on Layer 7 application delivery functionality.

The following table provides a quick reference to the application delivery and load balancing features available from Azure’s built-in load balancing functionality and KEMP VLM for Azure:

Azure Load BalancerKEMP Loadmaster – for Azure
Application Aware – L7 Load Balancingxy
Content Switchingxy
Reverse Proxyxy
Web Application Firewallxy
Hybrid Traffic Distributiony

(Using Application Gateway)

y

(With Advanced Traffic Distribution)

Server Persistencey

(Limited options)

y

L4 / L7 (Cookie and More)

SSL Termination / Offloady

(Using Application Gateway)

y

(Full termination and offload capabilities with cipher selection)

Content caching and compressionxy
Least Connection Schedulingxy
VM Resource Availability Awarenessxy
High Availabilityy

Using Traffic Manager

y
Support Basic Tier VM (20% savings)xy
Single Sign Onxy
SmartCard (CAC) / Certificate Authxy
LDAP Authxy
Radius Authxy
Kerberos Constrained Delegation Supportxy

KEMP Virtual LoadMaster for Azure Use Cases

Let’s take a look a few of the most common use cases where customers chose KEMP LoadMaster for Azure for its ease of use and effectiveness to handle given application requirements.

Simplified Access to Complex Infrastructure

Azure-Content-SW_Final

The advanced content switching capabilities of the VLM for Azure leverage regular expressions (REGEX) to modify and direct traffic to the correct Azure service. Figure 2 shows how incoming requests on a single IP address can be routed to an appropriate service depending on the type and content of the request. Content matching rules along with header modification functionality within KEMP’s LoadMaster for Azure provide the flexibility to create solutions that benefit from multiple Azure Platform as a Service (PaaS) offerings (such as Azure Web Sites) as well as Azure Infrastructure as a Service (IaaS) offerings.

When leveraging Azure PaaS for web, mobile or other applications, there’s often a need to incorporate several of these services into a single web site/portal to achieve an integrated end-user experience. With the advanced content switching capabilities of KEMP LoadMaster, customers attain both the ability to move these applications to the cloud for reduced TCO as well as the flexibility to leverage multiple services for the needs of the business.

Secure Traffic Management with SSL Offload and Reencrypt

When leveraging functionality offered by different Azure offerings, or when a service provider is required to provide separation amongst multiple customers, it becomes important to understand the content being requested and route the request to appropriate destination. This traffic segmentation often requires SSL offload and re-encrypt functionality. The offload and re-encrypt functionality provided by VLM for Azure ensures that customers are able to provide end-to-end secure connection while making appropriate application request routing decisions.

Utilizing SSL offload and re-encrypt functionality, VLM for Azure customers are also able to leverage other Layer 7 functionality such as Web Application (WAF) Firewall, pre-authentication and group based request routing (using the KEMP Edge Security Pack) and content caching and compression, to name a few..

Single Sign-On and Active Directory integration

Azure-Content-AD_Final

As Microsoft adds new functionality to the Azure Active Directory offering, customers can benefit from other advanced functionality offered by KEMP.

Summary

The KEMP LoadMaster Edge Security Pack (ESP) provides security features such as single sign-on, pre-authentication and the ability to assign permitted groups. In addition, ESP can be configured to allow only specific URLs and virtual directories to be published through the LoadMaster.

With the introduction of Azure Active Directory Domain Services, AD can be extended into your virtual network and the KEMP Virtual LoadMaster for Azure can authenticate users directly. This configuration can provide seamless access to applications within Azure as well as single sign-on for multiple applications that are published using KEMP LoadMaster for Azure.

KEMP Virtual LoadMaster for Azure provides familiar, on-premises application delivery functionality in the Microsoft cloud. Customers looking for advanced Layer 7 ADC functionality for their applications find KEMP LoadMaster easy to deploy while providing advanced application health checks, multi-tenant hosting, a comprehensive set of load balancing algorithms and of course, high availability. When used in conjunction with KEMP’s new advanced offerings such as KEMP360 Central and KEMP360 Vision, customers also benefit from centralized control of their LoadMaster deployments and ensure the availability of their critical applications.

You may also like

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy